portaldobitcoin.uol.com.br Open in urlscan Pro
200.147.4.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portaldobitcoin.uol.com.br/
Effective URL:
https://portaldobitcoin.uol.com.br/
Submission: On February 01 via manual (February 1st 2022, 10:25:21 pm UTC) from BR — Scanned from DE

Summary HTTP 304 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 41 domains to perform 304 HTTP transactions. The main IP is 200.147.4.47, located in Brazil and belongs to Universo Online S.A., BR. The main domain is portaldobitcoin.uol.com.br.
TLS certificate: Issued by R3 on December 27th 2021. Valid for: 3 months.

This is the only time portaldobitcoin.uol.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	200.147.4.47 200.147.4.47	7162 (Universo ...) (Universo Online S.A.)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
10	2600:9000:225... 2600:9000:2250:1600:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3036::6815:163e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:9e00:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2804:49c:4208... 2804:49c:4208:405:ffff:ffff:ffff:3	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
2	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
2	2600:9000:223... 2600:9000:223d:c400:d:bb6e:2980:93a1	16509 (AMAZON-02) (AMAZON-02)
7	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:236... 2600:9000:236e:ae00:1:bcff:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 8	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
5	2804:49c:3102... 2804:49c:3102:405:ffff:ffff:ffff:7	15201 (Universo ...) (Universo Online S.A.)
2	2600:9000:223... 2600:9000:223c:1a00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
10 31	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
5 11	2.20.85.164 2.20.85.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
37	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	23.22.200.199 23.22.200.199	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	3.127.158.112 3.127.158.112	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	18.66.97.94 18.66.97.94	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	18.157.231.140 18.157.231.140	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:223... 2600:9000:223f:1400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	54.171.208.149 54.171.208.149	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
2	2600:9000:223... 2600:9000:223f:c600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	52.201.20.189 52.201.20.189	14618 (AMAZON-AES) (AMAZON-AES)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
304	47

63 200.147.4.47 (Brazil) 1 redirects

ASN7162 (Universo Online S.A., BR)
PTR: hugogloss.com

portaldobitcoin.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2250:1600:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3036::6815:163e (United States)

ASN13335 (CLOUDFLARENET, US)

portaldobitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:9e00:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:4208:405:ffff:ffff:ffff:3 (Brazil)

ASN7162 (Universo Online S.A., BR)

jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:c400:d:bb6e:2980:93a1 (United States)

ASN16509 (AMAZON-02, US)

upc.udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:ae00:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.121.72 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2804:49c:3102:405:ffff:ffff:ffff:7 (Brazil)

ASN15201 (Universo Online S.A., BR)

stc.uol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imguol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:1a00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.186.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.20.85.164 (Milan, Italy) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.13 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.200.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-200-199.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.236 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.158.112 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-158-112.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-94.fra56.r.cloudfront.net

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.157.231.140 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-231-140.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:1400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.208.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-208-149.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:c600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.201.20.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-20-189.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	uol.com.br 1 redirects portaldobitcoin.uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 83530 upc.udr.uol.com.br — Cisco Umbrella Rank: 156020 udr.uol.com.br — Cisco Umbrella Rank: 115647 tracker.bt.uol.com.br — Cisco Umbrella Rank: 92352	1 MB
58	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274 pubads.g.doubleclick.net — Cisco Umbrella Rank: 462	304 KB
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	423 KB
37	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	475 KB
12	jsuol.com.br tm.jsuol.com.br — Cisco Umbrella Rank: 56935 jsuol.com.br — Cisco Umbrella Rank: 52122 me.jsuol.com.br — Cisco Umbrella Rank: 85508	113 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	10 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 711 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com — Cisco Umbrella Rank: 484	94 KB
8	scorecardresearch.com 3 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	7 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	7 KB
7	tailtarget.com tt-10162-1.seg.t.tailtarget.com — Cisco Umbrella Rank: 129161 b.t.tailtarget.com — Cisco Umbrella Rank: 18816 m.t.tailtarget.com — Cisco Umbrella Rank: 131889 t.tailtarget.com — Cisco Umbrella Rank: 5010	1 KB
7	portaldobitcoin.com portaldobitcoin.com	31 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	40 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	2 KB
4	uol.com stc.uol.com — Cisco Umbrella Rank: 100884	93 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	151 KB
4	dynad.net t.dynad.net — Cisco Umbrella Rank: 64930 s.dynad.net — Cisco Umbrella Rank: 65113	94 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418	322 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	1 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 876	3 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 608	2 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277 mab.chartbeat.com — Cisco Umbrella Rank: 2247	33 KB
3	gstatic.com fonts.gstatic.com	62 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 528	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3243	869 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	939 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 595	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	1 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 51584	609 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	581 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 626	191 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	536 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 707	440 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 312	456 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	265 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 19998	521 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1120	201 B
1	imguol.com imguol.com — Cisco Umbrella Rank: 97661	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	643 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
304	41

	Domain	Requested by
63	portaldobitcoin.uol.com.br	1 redirects portaldobitcoin.uol.com.br
37	s0.2mdn.net	portaldobitcoin.uol.com.br s0.2mdn.net c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com imasdk.googleapis.com
31	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com portaldobitcoin.uol.com.br
30	pagead2.googlesyndication.com	portaldobitcoin.uol.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com srcdoc
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net portaldobitcoin.uol.com.br c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
10	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net portaldobitcoin.uol.com.br www.googletagservices.com
10	tm.jsuol.com.br	portaldobitcoin.uol.com.br tm.jsuol.com.br tm.uol.com.br
8	sb.scorecardresearch.com	3 redirects portaldobitcoin.uol.com.br
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com portaldobitcoin.uol.com.br c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
7	portaldobitcoin.com	portaldobitcoin.uol.com.br
6	googleads4.g.doubleclick.net	portaldobitcoin.uol.com.br
5	dt.adsafeprotected.com	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
5	www.google.com	portaldobitcoin.uol.com.br securepubads.g.doubleclick.net c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com tpc.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com me.jsuol.com.br portaldobitcoin.uol.com.br
4	ups.analytics.yahoo.com	4 redirects
4	stc.uol.com	jsuol.com.br portaldobitcoin.uol.com.br
4	www.googletagservices.com	securepubads.g.doubleclick.net portaldobitcoin.uol.com.br c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
4	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	eb2.3lift.com	3 redirects
3	pm.w55c.net	3 redirects
3	c1.adform.net	3 redirects
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br portaldobitcoin.uol.com.br
3	tm.uol.com.br	tm.jsuol.com.br portaldobitcoin.uol.com.br
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	fonts.gstatic.com	fonts.googleapis.com
2	static.adsafeprotected.com	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	fw.adsafeprotected.com	1 redirects portaldobitcoin.uol.com.br
2	s.dynad.net	t.dynad.net
2	pixel.advertising.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	static.chartbeat.com	jsuol.com.br
2	udr.uol.com.br	tm.jsuol.com.br
2	b.t.tailtarget.com	tm.jsuol.com.br
2	upc.udr.uol.com.br	tm.jsuol.com.br
2	t.dynad.net	portaldobitcoin.uol.com.br
2	www.google.de	portaldobitcoin.uol.com.br
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.googleapis.com	portaldobitcoin.uol.com.br s0.2mdn.net
1	tracker.bt.uol.com.br	portaldobitcoin.uol.com.br
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	portal.o2online.de	portaldobitcoin.uol.com.br
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel-sync.sitescout.com	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
1	r.turn.com	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	ping.chartbeat.net	portaldobitcoin.uol.com.br
1	mab.chartbeat.com	static.chartbeat.com
1	imguol.com	portaldobitcoin.uol.com.br
1	t.tailtarget.com	portaldobitcoin.uol.com.br
1	m.t.tailtarget.com	portaldobitcoin.uol.com.br
1	me.jsuol.com.br	tm.jsuol.com.br
1	jsuol.com.br	tm.jsuol.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	portaldobitcoin.uol.com.br
304	66

This site contains links to these domains. Also see Links.

Domain
clicklogger.rm.uol.com.br
www.uol.com.br
busca.uol.com.br
batepapo.uol.com.br
email.uol.com.br
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
calendario.portaldobitcoin.uol.com.br
sobreuol.noticias.uol.com.br

Subject Issuer	Validity	Valid
psec02.uol.com.br R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.jsuol.com.br Amazon	`2021-10-02` - `2022-10-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.uol.com.br Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
*.udr.uol.com.br Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
stc.uol.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-03-30`	a year	crt.sh
*.imguol.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-13` - `2022-08-13`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh

This page contains 32 frames:

Primary Page: https://portaldobitcoin.uol.com.br/
Frame ID: E739FB190E2D2CA499BAA0E1B9A58E68
Requests: 136 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Frame ID: 5F43CD54F1D68452ADBA6DC772E7DD6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124525914303576&output=html&adk=1812271804&adf=3025194257&lmt=1643754312&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643754312872&bpp=3&bdt=790&idt=70&shv=r20220131&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3870943842260&frm=20&pv=2&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064528&oid=2&pvsid=2270778085280055&pem=426&tmod=1831328892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86
Frame ID: D0E8C8FF3F0AE062C1C61D2D549506E8
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 92D06FC2057DF63FF1616FEEA8B8DEFF
Requests: 2 HTTP requests in this frame

Frame: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B4FBE7C4930CD9A5E2C087B47C636F07
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYUIFLjD9-oajmHpQ8PxH9q79X4eAxdxYWy7JM81czEybTi2g0Ymd0N9f-rlbENmDtxM7nhGt0VPjVTY8kH0IpNleoLBWB4SfG1lQGhm1iFbUjp_x6g25CvOLz0s5y26lfaG2BbRYOUfvvM60OI0BHBWSjpKG6NwH0FEBfrwtA9VvX4nMzeA0bpJsqkfrvA6TIXd-_vdYo7AuwJRrx3dhKOU3gQzsMSVTulFP0jX0Z3QzE1P2Ee8pNO2aValBgBxUvpApfQ8DMvlypg8_ms0OqAiGxHdnNqgXlnk8pH9I7nxYH3c27MVUcMbidD4RMCRDYg4ey_apGLK9qFILSDQ&sig=Cg0ArKJSzAqplrBuVKcPEAE&uach_m=[UACH]&adurl=
Frame ID: B6ECCB5E9BE7177B320713DA8926072B
Requests: 9 HTTP requests in this frame

Frame: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC3A7E7467C343C095A75719C9AE279D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNW8EL6XwKE2wVXdPUKPDuQ_Jg-5TGyu3n3E85KXz_63yeDIZDpe_lIWs_tSV-_1JHG1Cej1PTWEZ-q-IqFge_C326kwjlyCuORlz8jmBuhQLkCKFXeRx5n3XEDjsJMkMeMSjloX6wPcYdZJ1Ox7K2PkIsrmPQW_fXj7FvDrDhMCcF4sxgY
Frame ID: 4B63BCD18DFD7F49AE163FD39C033B75
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpPQNQIbX1yCLvxZK5scEmi0G3qdcTaUlXM3_sowOuKtoRxW7hz5zrtDhejgNsTkuDJ_-xZbDDx0XLJ5oyIxrt6W3hFcbyE5BkDSby8iVbgbgNz3OCQRReM90TNPZ2CJvOpEsg0NJuyQwCwfkDm5fVZxYrYw&dbm_d=AKAmf-Cfxkg8ZOF8eUJDp8e__y-ptxN67PRfu3mmEk-k4roJgKvHGmS6dxsUCC85hd9iRbUlHW2Qh8m-oSw4WHlaqLGNqDtfq_l_xt4G_vMYDgEcTFkc1qlG9ruXQ6OB8-nLG-4LDBsioY0MncWN-6ad9iWWv3RQY1G3-jBn3slPTh8z-eUPJ4CTHsC4HiEiN5qpMwkh8qzURTSA8yG6ZvBBKjfhrktCLL3viJ4y0A254bNsmETa38__WB_DkA_W3k1CYa71YxbUGAOSRE7B_JukY-v92C2GIhrBwAvCcftKiTcmb516UHUjjJXJkutYX3SUUoIcdgfIZMElG54cd7530fq5WzmkN3KdwLv2sfWK1_zTlNzbya-DG6IFB4G5fG7DlBnRHiEO-Xq4n5-W7w-8ncNI2bmxM3-09L_79HwSi5AH-cnZB2JTM9lpMiXaFp5LzkdiZnzpEuomQgB3y5OxTnfSnjvX_qM_JXJUHCrQVNt6BzqSOr8z9toiP39SBXuM9p2OUvDkLq6yPDkWUY1MrhUKA6nJDJCJ-l7EDRGITBUXsh3ZlY3igYhQzZXot4YF6BdWBqAxhqQTMDNjgBCoYUmv0RwNHKquWTU-A4hgBz_OfLdkmQZyRUYAlhVGLJ4-lkTmOPMeBRurIQS0u0Z0UyhfteG5BslCXyGwn2cefdKjIZzRXNb7HpZgoOBoY8j8ISfDn4Z7g722OuRWfeC8_3lZVHAWAZpv9IMvC8EEIWULgVbEcz5lo8nfinMpnO0UsGSqp02d1VDqkuMxW8M8gM4sr1gtK2X5S9CI5oBqBTf4IIwMhEQXwzK2KNGyF7QyU2ppagqulHFBhNN-cwxKpZnQYa-EoLazhYnLbSTZQpKQ9sejRtTUkYYARA40crOooklTBXBwD2smYFLI4EKE3cDJvbZUw5HKb1Es4zZrduDuoNHGpCeSQrVBQVcDYSrGB5juwgOzaMItwdaTvdn6OwSXwNz0DRg0Ok3boFvYxDtICBZWFIgsCuT5-Bm0Yil7h4AGm2mds4wu2pEw_lpMIR016eecw9fa_VM03Qj3TAq3jeN064HVpT_RU4d79C5bNgYk-Ts2AvbhAHwawZoHXTTP-Z8HnOFuXhUFzLgAvAq_00_dWlok8s66Mau2ZwXwoaJNx4VKeWtOElOquRmSDkeNJ2l5F7RVjLDf6vsEgl_oKFQvzjdIExZ_ciUwCPkkneJFDzPhpSm8kGevP6DGVy8JatSooVdPTXpTWK0qEKliOQTYEqcGC0avq0OGXQBcj9FDLaNMvSQUNvWPvFD1o1HyA2L67CxMGTHl13Aq5FHYc2quBjjr-k9jd60hFcoEQzZcnjVJYR5iF8AngtW-puKU_BVqvsl1geyctXmz7lpc61n-yuxgm6-RJuWxqWbY4iCSLhWbRARbZaW2tOgcVtyBGsBRgWY6BofanuvRGk3BEY1NB6t8qK0B2Vyr93VGvL8otbHiWJUYq86MDFNYIhSiehM824bQb2Jck3YT6AoyTlYuvmb4L-9lkC5mqE7eqW93DvJ7kdrrNF0BYnLUHfnDEDuzgXBYpxf8Kt7Rt6QvWVBLftVumpLxXzx93QKjsafoUu3SjKqSDU5lW0GwIPjzIYep4QFXsoTTzKZPwnWCwshIeABl09_TVCy029rojO9U3b58jGqvE8IGhSlUr9LEhodYOCdBUa1Ly_jzDKRV6YwzsALA--lchGjdWdypLQ4JAwcRU0fUR6ugO8iSu4Zza49vhul9VQUrTEML8PIyA_-PKykW4QxlOMTYECfQTFTnN419nL2V26wT5_53-sJQmR3DG-A8m6gXXfUJa8p8mXy8yho2HFn7o_nEyvGByyPv8zJk6GNHISccBZ6WB_5eY7Mhc2htWBgXp5JGVRc4x4SCLM01zGp8gw8-X4SoTwBcnHnFZr44lD4jn_nmWKI_BIv6D51Bzd6PA3JZko2yP8gqNfAqXAMFE2YgLh6_qj85Mmr-TFyS17Moyzs8W2Z1RWSoX0_Qr5q0yCTgbfAqHhPXMnIB1bUAoZV0RVYnbL2JgQTuTr6YdCuC4a6Gu3_9__eNS42Svnrx-Rhhn8uHMwTty0NERPDUig2Js-kJKddfpJIaqvVjlMt_-KtNUwrU_TR1czdx_k0sC1OJLdGOW9ASeXsQ2tQmnl7HqtKal7Wp68LPWgg43r3Z9w2efvDP2aToYn0uzeyKsWOQ6AwtyYB4jyczjMIjXnkfqNMEtrRba5lOxWSi5rkZrHJ-23g-ZDRq_RDw52QxqEmfwU9L3ZiK3Sg6SfZnU4iBdLAezAhYxt-X_1eWB3lfiOWkiwBr5gYcMM76IhK5fU0vyKHKI7OuwOuK3IFEaMiJ5msNRVAvkyZJn8DfSmY4Z5LFTJ0ha5Lyb_Sh5-L8Bm-ylZzlLMqmWUbjN40pP_4tOMayu2QZBOWMqhV3VuBC99P1ift2P5POIOvIYu2RnlAKkouGaUGnqpvZZR-eiQBsBCPj9X-LHvc3-ffxuepzbOSSlHiZK-XWch8_iSZBuJGS2rJNWNZ5StvJjM8WKdzBziebGyMEtw74ltLpeN3E7PLMOWz6kNO5KUGpjWkvszJr_eRmdCwn5epRivkz9c5fOdFHD73EyPGXW7eg-kA3QJQNLXP_etngyC0DRFn_R-PcjZOwQYTJAG09FfufsDiF8wTc7UzuJggQ6k31egQvWWjMMfVZFSF9j-jAwWJSQ_kAjVmOejzcssGnnwb_oKRYksG5Psd5CsP6V2ldrO7A68ZRP5SooeLHeFKv-_bGICPS__nP3oPv-Ur_KTAupslWgOPOgt2ibZhgg3Jkv60fPyOMCVzn0U-fMIOegihYl1fN5CP-rQ-CsLFPC-RAiInIFNnY4cFtan9H4_1dZn6T2VxXY4qG9XumFQuGOYqCO4BZjmfd6j45vOwZo9ujj0axo9jmCfB5aZhVIJCk-NOJHJPr7-CANV85Is-eZWpqCmBRCWJVDhZdVKeYe-eU6Wd-Mje9b6kRqQbUuqxPwYivTkmqVQxs3BucUMMeeDY46PT1_sNnr29kKDe1IZlDoVRr4gXDdaok_JCL&cid=CAASEuRoVPNCr1PfZEmbW-F1Kx9zSQ&rfl=2%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240
Frame ID: 9A37A754F1C922A12592C59A396330BD
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F4B51B2377EDCC3E124A93DE9F9FF04
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C64A965865392599A1CD9DD7BBAAC6D3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
Frame ID: CF7B7183745DF8DF16AD407A5DA7566C
Requests: 20 HTTP requests in this frame

Frame: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7BF03479373FA285D1FE0A5D82400E34
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNVy7T_RqPVpn6XWmLTPPlc8Q7bMoXIA5e25y9BXid2GCNYU6DxUfSVcxnjkZb-6bnlobwAB0BTBbqEwMGGxmoZvsi1qxBYuHvkYNsd0_uMuipCkRjDZ2AE72T1u0aoprkBPRG5aMGOxfFzKFSX_X_QcyqzjIhNXHYvQpC0TpFXV-jv8iNw
Frame ID: 760E66D6ED28B38549387B0D93C9FCBA
Requests: 5 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: C79C65FD4D4C5DBED96E037F10844FA0
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: C43F4A59A4B50BD638E520C72768F464
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61AE3DE30224CE775E955B7164836329
Requests: 9 HTTP requests in this frame

Frame: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A88D21877E38F4C24E47D0D82B0D0601
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67ECB9BEFFA4DDA623B72EEAA5429108
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYn6KFvgEwAQ&v=APEucNUb1cQ8M7kceWb2I_9KjLHwFINj6geUSJDn0hypA8uaIj8Cl7ngivxq7pKrHLEf7PheEkPgi2m_Sr9ImMIIsxOR-MlkBdkqPB7qTt3F71ypfRrxV-pTB_IlULI_pIEdklo5RRdfV3mnvp4iRplG2crHHNxqYU6Mi3zXiDHpmZy1mq232tQ
Frame ID: 72632A978CEBE976941E0E2470CC81DB
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2
Frame ID: 609BBCC9F53669DA76CF3C56F91FCADB
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
Frame ID: 55F36D2146BED4272AE240B8D1449BF0
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74F323A42141E03BD4ED80BA19C54667
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8183649913C27AA17FF75E54A5ED5F8F
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F4A58E7CD2A8E7DA79FE7B9E77F52D3C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_pt_br.html
Frame ID: 870A6A020455528EA0AB171CF2540ADC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A537CE4EC6CB427D1C8529C7F0C8E791
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: 914DF16AE2F3A294FB2602A4CC988602
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: A0FC1DA0206F371A9764320F8434345D
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: F07EE3E0F7A0CF54E6EFBBE0487C79C6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93D47FD339FC553A5B47134E01E5998F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7E0DF5E871C552D3CADB956438D56B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal do Bitcoin - A nova economia e o futuro do dinheiro

Page URL History Show full URLs

http://portaldobitcoin.uol.com.br/ HTTP 301
https://portaldobitcoin.uol.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

304
Requests

89 %
HTTPS

56 %
IPv6

41
Domains

66
Subdomains

47
IPs

9
Countries

3807 kB
Transfer

9167 kB
Size

55
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://clicklogger.rm.uol.com.br/?prd=16&grp=src:210;chn:102;cpg:barrauol_parceiros;creative:barrauol-host&msr=Cliques%20de%20Origem:1&oper=11&redir=http://www.uolhost.uol.com.br/
Title: UOL HOST

Search URL Search Domain Scan URL

URL: http://clicklogger.rm.uol.com.br/?prd=16&grp=src:210;chn:102;cpg:%20barrauol_parceiros;creative:barrauol-pagbank&msr=Cliques%20de%20Origem:1&oper=11&redir=https://pagseguro.uol.com.br/conta-digital/conta-digital-gratis/
Title: PAGBANK

Search URL Search Domain Scan URL

URL: https://clicklogger.rm.uol.com.br/?prd=32&grp=src:210;chn:102;cpg:barrauol_parceiros;creative:barrauol-pagseguro&msr=Cliques%20de%20Origem:1&oper=11&redir=https://pagseguro.uol.com.br/
Title: PAGSEGURO

Search URL Search Domain Scan URL

URL: http://clicklogger.rm.uol.com.br/?prd=78&grp=src:210;chn:102;cpg:barrauol_parceiros;creative:barrauol-cursos-online&msr=Cliques%20de%20Origem:1&oper=11&redir=https://www.portaleducacao.com.br/cursos?utm_source=uol&utm_medium=header-menu&utm_campaign=cursos
Title: CURSOS

Search URL Search Domain Scan URL

URL: https://www.uol.com.br/

Search URL Search Domain Scan URL

URL: https://busca.uol.com.br/
Title: BUSCA

Search URL Search Domain Scan URL

URL: https://batepapo.uol.com.br/
Title: BATE-PAPO

Search URL Search Domain Scan URL

URL: https://email.uol.com.br/
Title: EMAIL

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portaldobitcoin

Search URL Search Domain Scan URL

URL: https://twitter.com/portaldobitcoin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portaldobitcoin/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/portaldobitcoin/

Search URL Search Domain Scan URL

URL: https://calendario.portaldobitcoin.uol.com.br/
Title: Calendário de Eventos

Search URL Search Domain Scan URL

URL: https://sobreuol.noticias.uol.com.br/normas-de-seguranca-e-privacidade.html
Title: Política de Privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portaldobitcoin.uol.com.br/ HTTP 301
https://portaldobitcoin.uol.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 125

https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1643754314061&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1643754314061&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c9=

Request Chain 134

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPU4XUeclYDG5yVGMeoU8ys&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPU4XUeclYDG5yVGMeoU8ys&google_cver=1&C=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfmzSiY0SBAHURrTHgGyjgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFppjpB--FNVG6y8otAZENg&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

Request Chain 162

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH_UYCPwimsGM4i7rODlxw4&google_cver=1&google_push=AYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH_UYCPwimsGM4i7rODlxw4&google_cver=1&google_push=AYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 163

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKd_dg7UJ5_U-20Pg5ye4zM&google_cver=1&google_push=AYg5qPKcU6LzFibOQw6O7j2tap5_VwNn-ZKxf7TLhj-owJPzVOolaegYQfv4sA2F3mOT6UrIdz7oc9KmsB2a1PWGtwUXGhdU-trT HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=04r_XOq0R3GJXYs2eOEnZQ2&google_push=AYg5qPKcU6LzFibOQw6O7j2tap5_VwNn-ZKxf7TLhj-owJPzVOolaegYQfv4sA2F3mOT6UrIdz7oc9KmsB2a1PWGtwUXGhdU-trT

Request Chain 164

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXdPFrN1-2FP6TmpQCsN1A&google_cver=1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoETkH6sgLDkCUhs23MVthL HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMXdPFrN1-2FP6TmpQCsN1A&google_cver=1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoETkH6sgLDkCUhs23MVthL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoETkH6sgLDkCUhs23MVthL

Request Chain 165

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJHQKwim-wYDMh7N3yWqvfU&google_cver=1&google_push=AYg5qPL_q0N3qdF1ETdEsc_Y1pbh5Dt4wmHeswYetPw4kTguUdnUoegezTeMy3Ag9Q6E_ymvKcS6tD_8WXc6nQXPLsC7Lj6iJ9qg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJHQKwim-wYDMh7N3yWqvfU&google_cver=1&google_push=AYg5qPL_q0N3qdF1ETdEsc_Y1pbh5Dt4wmHeswYetPw4kTguUdnUoegezTeMy3Ag9Q6E_ymvKcS6tD_8WXc6nQXPLsC7Lj6iJ9qg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UBkf9eqtTGOxbO6ah6tKtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL_q0N3qdF1ETdEsc_Y1pbh5Dt4wmHeswYetPw4kTguUdnUoegezTeMy3Ag9Q6E_ymvKcS6tD_8WXc6nQXPLsC7Lj6iJ9qg

Request Chain 166

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS

Request Chain 167

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF_Gj0DfWWBUS8kc4hlYo6M&google_cver=1&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9QLdPb5NSGKHs8WAe_WEvsznaE_ADpzyXGCig HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF_Gj0DfWWBUS8kc4hlYo6M&google_cver=1&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9QLdPb5NSGKHs8WAe_WEvsznaE_ADpzyXGCig&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF_Gj0DfWWBUS8kc4hlYo6M&google_cver=1&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9QLdPb5NSGKHs8WAe_WEvsznaE_ADpzyXGCig&apid=UPd3a920a3-83ad-11ec-b817-0258a5491656 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkM2E5MjBhMy04M2FkLTExZWMtYjgxNy0wMjU4YTU0OTE2NTY%3D&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9QLdPb5NSGKHs8WAe_WEvsznaE_ADpzyXGCig

Request Chain 168

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENNSySSH0jNqDOLhotRiAaE&google_cver=1&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd3Eor3IFGuxj-vTJZ-6KZMPy5xH HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENNSySSH0jNqDOLhotRiAaE&google_cver=1&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd3Eor3IFGuxj-vTJZ-6KZMPy5xH&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd3Eor3IFGuxj-vTJZ-6KZMPy5xH

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1

Request Chain 185

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfmzSnCf48JsP5.p9M3WQAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1&google_hm=2

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJTjXMtVGrmqyhaKEkRabP8&google_cver=1

Request Chain 187

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

Request Chain 215

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGVNHY_NBeW39mxnWA6HrbI&google_cver=1&google_push=AYg5qPJyHhW9sx_OH4Jp3ZFDpPeHv36UyfGY35hg6YR_iuFbc_OyPUuJB2ZcStCPi8sc9RoTPRYP9pn-JhwewzE4WJCTullBc0c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMjYxNDQ5ODIwMDUzNDUwMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINK-Y40gF4tpE0Sj_kTFr0&google_cver=1

Request Chain 216

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cver=1&google_push=AYg5qPIotN7NJvVbmV7VnPxCoNsVqBg_Cm05rsbjoYtsWEyBSci2IEP5H0lrPNtVKfkEtI__yuNzEvbEOF7RLcEnq85CBzKU9w HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cver=1&google_push=AYg5qPIotN7NJvVbmV7VnPxCoNsVqBg_Cm05rsbjoYtsWEyBSci2IEP5H0lrPNtVKfkEtI__yuNzEvbEOF7RLcEnq85CBzKU9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cver=1&google_push=AYg5qPIotN7NJvVbmV7VnPxCoNsVqBg_Cm05rsbjoYtsWEyBSci2IEP5H0lrPNtVKfkEtI__yuNzEvbEOF7RLcEnq85CBzKU9w

Request Chain 218

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOjt1CiWf-1myMBH690rF4E&google_cver=1&google_push=AYg5qPJR-Tx09nxEiny0fIRvWkqdQ_77-fDmR1Kh29hbvbI4TNPOulbQMNJ5w4sXGeD7wxOXBOhPF9Qg8SUV2tXIQdOQZWBcTng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPJR-Tx09nxEiny0fIRvWkqdQ_77-fDmR1Kh29hbvbI4TNPOulbQMNJ5w4sXGeD7wxOXBOhPF9Qg8SUV2tXIQdOQZWBcTng

Request Chain 219

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPfSHKQtbb2bswaL7nFwRMg&google_cver=1&google_push=AYg5qPK5swuxSIGGThAY2VPf4bDV8zioZN7ncadveieaaCK9PSAIL_Odyf6Ep_zVzQyj8LGx89Y5FPKzy0OiQ0A0PRLfDd9bvlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0T1ZNUzgtTC1CNVVO&google_push=AYg5qPK5swuxSIGGThAY2VPf4bDV8zioZN7ncadveieaaCK9PSAIL_Odyf6Ep_zVzQyj8LGx89Y5FPKzy0OiQ0A0PRLfDd9bvlQ

Request Chain 220

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKDdJLngzQXVkeDpS2pJghA&google_cver=1&google_push=AYg5qPJQzW4gytjH7Euc5yLcMbVtWn31tRTGQiQYzW4fbVqhVYVNC9fNEHIcwuAAY6vjXjtwEu6dX2k7_pNIv6GYyY9Lw6YG5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJQzW4gytjH7Euc5yLcMbVtWn31tRTGQiQYzW4fbVqhVYVNC9fNEHIcwuAAY6vjXjtwEu6dX2k7_pNIv6GYyY9Lw6YG5Q

Request Chain 221

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKxag09rWF55rUTS09N3LjM&google_cver=1&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk&google_gid=CAESEKxag09rWF55rUTS09N3LjM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDwGwbi4a52wKZlioAJ8PR0&google_cver=1

Request Chain 234

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfmzSnCf48JsP5.p9M3WQAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHDIC3J0qggviWRIayFImxE&google_cver=1&google_hm=2

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFKmmM3JBANyYHwHxA7h9QI&google_cver=1

Request Chain 236

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

Request Chain 252

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENUD34yzkLcM88g2qPhFA3Q&google_cver=1&google_push=AYg5qPJlFXwBxxnWDZtB_ShTKCdFSE7UvYXjy3m_wN4LYbkzEnqi9UchVgMyv2DkIh1zckWlnmRMkQZ3gCX0ZKpP2uLVQAWdNxs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENUD34yzkLcM88g2qPhFA3Q&google_cver=1&google_push=AYg5qPJlFXwBxxnWDZtB_ShTKCdFSE7UvYXjy3m_wN4LYbkzEnqi9UchVgMyv2DkIh1zckWlnmRMkQZ3gCX0ZKpP2uLVQAWdNxs

Request Chain 253

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMMjzqnVr9vb-qc3DH1wgdM&google_cver=1&google_push=AYg5qPJSJKjOi-410v44CkCbQp94XRu7AOr-Oc_qlMHqnzQNJ1yQOJT7DSiSAFLM6XqUlDzK8Cba1-7i34-98U_WvB1IO1Yvkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMMjzqnVr9vb-qc3DH1wgdM&google_push=AYg5qPJSJKjOi-410v44CkCbQp94XRu7AOr-Oc_qlMHqnzQNJ1yQOJT7DSiSAFLM6XqUlDzK8Cba1-7i34-98U_WvB1IO1Yvkg

Request Chain 255

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPJ5Lbut0r3Kl_7eHLFzTOY&google_cver=1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1643754315328 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1cf83c93-83ee-4c89-9b51-52d797ad4c75-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg%26google_hm%3DAxz4PJOD7kyJm1FS15etTHU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg&google_hm=Axz4PJOD7kyJm1FS15etTHU

Request Chain 256

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOFm0Fmh_bJYsyLGOP_T8P8&google_cver=1&google_push=AYg5qPLB2t73itxhXjxD4V8u5naS8068gaurPIFX8QW20pRno_oKh0V5KMVY_w4M4kCL7pG2xA2UMElHqA0-_4Ukjp7DBULltuM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPLB2t73itxhXjxD4V8u5naS8068gaurPIFX8QW20pRno_oKh0V5KMVY_w4M4kCL7pG2xA2UMElHqA0-_4Ukjp7DBULltuM

Request Chain 257

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECRveH9bVyMOap3BXir3QEA&google_cver=1&google_push=AYg5qPIFSiwbIoR689fL3c8mqiYoTgqeVZFsIA2n37UhOaLmz-_v23O2QCVDl54cM8dLydyJw91xkWLCtABOco5OmByU4p6JGuI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPIFSiwbIoR689fL3c8mqiYoTgqeVZFsIA2n37UhOaLmz-_v23O2QCVDl54cM8dLydyJw91xkWLCtABOco5OmByU4p6JGuI

Request Chain 281

https://fw.adsafeprotected.com/rfw/st/912962/59461375/4.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_placementId=15845895118&bidurl=https://portaldobitcoin.uol.com.br/&ias_dealId=&adContainerId=brand_safety_SrP5YemqOeDV7_UPxYCl4AY&cbFunctionName=goog_wrapCb_SrP5YemqOeDV7_UPxYCl4AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f0101b0f-f173-5a62-80ea-27fd86b3c388,c:30IXY7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-75665b65c-8gklk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:grpm1,nbld:0,mtim:2,fm:sWelAK0+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1614%7C171%7C172%7C173%7C174%7C18%7C19%7C1a*.912962-59461375%7C1a1%7C1a2%7C1a3%7C1a41,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:15,oid:d40b3dac-83ad-11ec-9ac8-a6d6cc21175c,v:19.8.284,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

304 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portaldobitcoin.uol.com.br/
Redirect Chain

http://portaldobitcoin.uol.com.br/
https://portaldobitcoin.uol.com.br/

121 KB
25 KB

693ms
240ms

Document
text/html

200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 42d0ebce89d443f8ce5dac28e833b411863ce56bb1a6f21a3c88613a3ae0e1c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 01 Feb 2022 22:25:11 GMT
content-type: text/html; charset=UTF-8
content-length: 25202
cache-control: max-age=600
link: <https://portaldobitcoin.uol.com.br/wp-json/>; rel="https://api.w.org/" <https://portaldobitcoin.uol.com.br/>; rel=shortlink
content-encoding: gzip
age: 2868
vary: Accept-Encoding
x-cache: HIT
x-server: E-Consulters Web
accept-ranges: bytes

Redirect headers

Server: nginx
Date: Tue, 01 Feb 2022 22:25:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://portaldobitcoin.uol.com.br/

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 115ms
44ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A500%2C600&display=swap&ver=1.2.4

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c72b689cf8fbb9638185c4cb5d1904cd502170ba35a3966ff61a6f8126d4de8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 22:25:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 22:25:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 22:25:12 GMT

GET
H2 200 frontend.min.css
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/ 530 KB
86 KB 241ms
240ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 0a4d3e7c518e0771ed59584e8621048d529d18bac487045f0c4bbe8da1822bd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 2864
etag: "5f3d68a0-846d4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 87551
expires: Sat, 05 Feb 2022 03:35:53 GMT

GET
H2 200 jquery.js Show response
portaldobitcoin.uol.com.br/wp-includes/js/jquery/ 95 KB
33 KB 379ms
377ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2019 19:59:34 GMT
server: nginx
age: 2548
etag: "5cfac226-17a69"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 33804
expires: Sat, 05 Feb 2022 03:41:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
portaldobitcoin.uol.com.br/wp-includes/js/jquery/ 10 KB
4 KB 437ms
436ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Tue, 04 Apr 2017 20:13:28 GMT
server: nginx
age: 2503
etag: "58e3fe68-2748"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 4014
expires: Sat, 05 Feb 2022 03:41:54 GMT

GET
H2 200 advanced.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads/public/assets/js/ 9 KB
4 KB 241ms
241ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads/public/assets/js/advanced.js?ver=1.20.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: e116db0857de44aa82eda62548191830e06ee9ea84d8af971f45a197bd05c243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:28:30 GMT
server: nginx
age: 1857
etag: "5f629f9e-2553"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 3345
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 script.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 3 KB
1 KB 377ms
376ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.9.2
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:29:11 GMT
server: nginx
age: 1857
etag: "5f629fc7-b92"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1082
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 advanced-ads-pro.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads-pro/assets/ 8 KB
3 KB 378ms
377ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.10.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 2ef7215476637d3fb3a62a1bd803c0c332385673edcf03d138bfaad922b686ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:29:09 GMT
server: nginx
age: 1857
etag: "5f629fc5-21a0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 2540
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 base.min.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/ 88 KB
26 KB 372ms
371ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.10.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 4dcdd6d10dad35b491a5e61ea71b75dbff8f7ff0446771c9ce29d99fb24a5501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:29:10 GMT
server: nginx
age: 1857
etag: "5f629fc6-161db"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 26092
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 76ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a28fedbbe7acb13a8f3a832de7e1daa1d72963ae0b5766cc2281459f737f343e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52950
x-xss-protection: 0
server: cafe
etag: 11199537824067210228
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:25:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 48ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98991334-1

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da735d3199614d9ffe125c63cf2de104ff5938f5e906051b098483a902906193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36125
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 21:21:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Feb 2022 22:25:12 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 193 KB
34 KB 281ms
9ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 3f954557bda3136a6f1837cb768a66dbd911dc502641417f51c49b2142e41f80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:30:27 GMT
content-encoding: gzip
age: 3286
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 33737
access-control-allow-origin: *
last-modified: Wed, 24 Nov 2021 15:56:17 GMT
server: marrakesh 1.16.6
etag: 368533583cf65e5d23f0a3f3b8a23541
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: ACjwqXax1n70rMZIz19dGhehxXrC9uH7GZGn0ngQGNWzlGC2Qq6B_Q==
expires: Tue, 01 Feb 2022 22:30:27 GMT

GET
H2 200 Logo-Mobile-35.png
portaldobitcoin.uol.com.br/wp-content/uploads/2018/05/ 5 KB
5 KB 389ms
385ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2018/05/Logo-Mobile-35.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 5f03fe09e4bd67576cab21756ac8437d4c768cb213534290a8f795dee45a8497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
last-modified: Fri, 25 May 2018 13:16:14 GMT
server: nginx
age: 2503
etag: "5b080c9e-1348"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 4936
expires: Sat, 05 Feb 2022 03:41:54 GMT

GET
H2 200 echarts_no_utils.min.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/pdb-plugins/WidgetHighLow/assets/ 296 KB
102 KB 208ms
208ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/pdb-plugins/WidgetHighLow/assets/echarts_no_utils.min.js
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: c1e6bef1d9df884fc7be3b76178b6e71259de882a5026d4c5c2e1064db168770

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Thu, 05 Nov 2020 21:01:32 GMT
server: nginx
age: 1209
etag: "5fa4682c-49fa6"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 104258
expires: Sat, 05 Feb 2022 04:03:29 GMT

GET
H2 200 style.min.css
portaldobitcoin.uol.com.br/wp-includes/css/dist/block-library/ 52 KB
8 KB 396ms
394ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.4.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
last-modified: Wed, 29 Apr 2020 23:02:31 GMT
server: nginx
age: 1857
etag: "5eaa0787-d159"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 7643
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 style-index.css
portaldobitcoin.uol.com.br/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/ 70 B
308 B 398ms
395ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1616430402
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 22 Mar 2021 16:26:42 GMT
server: nginx
age: 1857
etag: "6058c542-46"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 70
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 public.css
portaldobitcoin.uol.com.br/wp-content/plugins/econsulters-cache/public/assets/css/ 82 B
320 B 396ms
394ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/econsulters-cache/public/assets/css/public.css?ver=1.0.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: dd7f250339a21ad330bb49e9eb293a87a092c0a7cc593866e8c5ac1b6e72f7e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Fri, 12 Jan 2018 12:34:36 GMT
server: nginx
age: 2503
etag: "5a58ab5c-52"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 82
expires: Sat, 05 Feb 2022 03:41:55 GMT

GET
H2 200 js_composer.min.css
portaldobitcoin.uol.com.br/wp-content/plugins/js_composer/assets/css/ 474 KB
45 KB 393ms
391ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 14:12:26 GMT
server: nginx
age: 1857
etag: "5f37ed4a-76828"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 45709
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 style.css
portaldobitcoin.uol.com.br/wp-content/themes/jnews/ 426 B
665 B 398ms
396ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/style.css?ver=7.0.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 6a94dd7a301221c391c6319c63f7f47de0731a74d3b5a83f2630243d039d8d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 1857
etag: "5f3d68a0-1aa"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 426
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 darkmode.css
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/css/ 42 KB
7 KB 414ms
412ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/css/darkmode.css?ver=7.0.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 1351b8e0d48b23b501977d5e5f33985307bcb42234c1936477aac36486e8b461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 1857
etag: "5f3d68a0-a8d9"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 6409
expires: Sat, 05 Feb 2022 03:52:40 GMT

GET
H2 200 plugin.css
portaldobitcoin.uol.com.br/wp-content/plugins/jnews-social-share/assets/css/ 1 KB
747 B 393ms
392ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 18:19:52 GMT
server: nginx
age: 215
etag: "5f3d6d48-472"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 491
expires: Sat, 05 Feb 2022 04:20:03 GMT

GET
H2 200 site_tracking.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/activecampaign-subscription-forms/ 1 KB
900 B 208ms
208ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.4.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 16:26:42 GMT
server: nginx
age: 1888
etag: "6058c542-57b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 633
expires: Sat, 05 Feb 2022 03:52:09 GMT

GET
H2 200 comment-reply.min.js Show response
portaldobitcoin.uol.com.br/wp-includes/js/ 2 KB
1 KB 389ms
386ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/js/comment-reply.min.js?ver=5.4.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:48:42 GMT
server: nginx
age: 2503
etag: "6077b79a-944"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1144
expires: Sat, 05 Feb 2022 03:41:55 GMT

GET
H2 200 hoverIntent.min.js Show response
portaldobitcoin.uol.com.br/wp-includes/js/ 1 KB
759 B 210ms
206ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:48:42 GMT
server: nginx
age: 2503
etag: "6077b79a-462"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 492
expires: Sat, 05 Feb 2022 03:41:55 GMT

GET
H2 200 imagesloaded.min.js Show response
portaldobitcoin.uol.com.br/wp-includes/js/ 8 KB
3 KB 209ms
205ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Sat, 04 Apr 2020 15:58:41 GMT
server: nginx
age: 2702
etag: "5e88aeb1-1fd4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 2575
expires: Sat, 05 Feb 2022 03:38:35 GMT

GET
H2 200 frontend.min.js Show response
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/ 275 KB
76 KB 217ms
214ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=7.0.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 30a2d58e5bc99ec6b7e4922f95da03b885b1273f0fd9d5a4fd8dc747780bc83f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 2503
etag: "5f3d68a0-44c13"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 77424
expires: Sat, 05 Feb 2022 03:41:55 GMT

GET
H2 200 plugin.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/jnews-social-share/assets/js/ 3 KB
2 KB 209ms
206ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 5cb834c20a13b0051afad7ca7b33e5f1f48c0596431f5d31d47135659ee769d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 18:19:52 GMT
server: nginx
age: 1887
etag: "5f3d6d48-d7d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1320
expires: Sat, 05 Feb 2022 03:52:10 GMT

GET
H2 200 wp-embed.min.js Show response
portaldobitcoin.uol.com.br/wp-includes/js/ 1 KB
1 KB 389ms
386ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-includes/js/wp-embed.min.js?ver=5.4.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:48:42 GMT
server: nginx
age: 2503
etag: "6077b79a-592"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 765
expires: Sat, 05 Feb 2022 03:41:55 GMT

GET
H2 200 js_composer_front.min.js Show response
portaldobitcoin.uol.com.br/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 397ms
394ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 14:12:25 GMT
server: nginx
age: 2503
etag: "5f37ed49-5075"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 5816
expires: Sat, 05 Feb 2022 03:41:55 GMT

GET
H2 200 hero.js Show response
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/js/ 2 KB
858 B 209ms
205ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/js/hero.js?ver=7.0.9
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 48012b05667d29c055974d8e07dae05da00777f1872969def6314111f8128d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 1209
etag: "5f3d68a0-6cd"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 591
expires: Sat, 05 Feb 2022 04:03:29 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 30 KB
31 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A500%2C600&display=swap&ver=1.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portaldobitcoin.uol.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 19:30:11 GMT
x-content-type-options: nosniff
age: 10501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 19:30:11 GMT

GET
H2 200 fontawesome-webfont.woff2
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/font/ 75 KB
76 KB 396ms
396ms Font
font/woff2 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Origin: https://portaldobitcoin.uol.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 1518
etag: "5f3d68a0-12d68"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 77160

GET
H2 200 WhatsApp-Image-2022-02-01-at-16.36.52-1140x656.jpeg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 120 KB
120 KB 381ms
380ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-01-at-16.36.52-1140x656.jpeg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 2848591265cd302bdf0cd607052a2369de434f65f17d70db6c62645f737b5df1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 19:37:02 GMT
server: nginx
age: 2816
etag: "61f98bde-1dffe"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 122878
expires: Sat, 05 Feb 2022 03:36:41 GMT

GET
H2 200 preloader.gif
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/image/ 4 KB
5 KB 390ms
390ms Image
image/gif 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 1888
etag: "5f3d68a0-112f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 4399
expires: Sat, 05 Feb 2022 03:52:10 GMT

GET
H2 200 shutterstock_2017041662-350x250.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 11 KB
11 KB 363ms
363ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/shutterstock_2017041662-350x250.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 082b5c8aba12bad9bdc505f065c752d9e1f5cecd20fdfc71fb216c3d5c1183d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 18:02:47 GMT
server: nginx
age: 527
etag: "61f975c7-2b57"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 11095
expires: Sat, 05 Feb 2022 04:14:51 GMT

GET
H2 200 shutterstock_1185999847-350x250.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/ 14 KB
14 KB 382ms
381ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/shutterstock_1185999847-350x250.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: d8ad87d4c2f7226f852006316f3b072273bc35d2ab75a16c0e42c397c4907e66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Fri, 28 Jan 2022 15:48:53 GMT
server: nginx
age: 469
etag: "61f41065-36bc"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 14012
expires: Sat, 05 Feb 2022 04:15:48 GMT

GET
H2 200 shutterstock_1401849254-350x250.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 10 KB
10 KB 551ms
551ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/shutterstock_1401849254-350x250.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 1c3e0290a22342caca438ac21066b7dfb363860cd0a3a6c2bb23fae4f6a22583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 18:51:10 GMT
server: nginx
age: 2834
etag: "61f9811e-2852"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 10322
expires: Sat, 05 Feb 2022 03:36:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98991334-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1220
date: Tue, 01 Feb 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Feb 2022 00:04:52 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/ 287 KB
104 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5124525914303576&plah=portaldobitcoin.uol.com.br&bust=31064528

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7100e445fb5d6e14d41fac6de8e369246ad621dfe8473cabbdb9ce535c14e4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105918
x-xss-protection: 0
server: cafe
etag: 14867198716752998281
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:25:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/ Frame 5F43 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 01 Feb 2022 19:01:41 GMT
expires: Tue, 15 Feb 2022 19:01:41 GMT
cache-control: public, max-age=1209600
age: 12211
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldobitcoin.uol.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98991334-1&cid=289430633.1643754313&jid=1251606273&gjid=982219055&_gid=601692819.1643754313&_u=YEBAAUAAAAAAAC~&z=149926898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldobitcoin.uol.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Feb 2022 22:25:12 GMT
content-type: text/plain
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
643 B 52ms
14ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portaldobitcoin.uol.com.br&callback=_gfp_s_&client=ca-pub-5124525914303576

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5124525914303576&plah=portaldobitcoin.uol.com.br&bust=31064528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

525fd51ee4a3748ef5b0db4137535e93095cdc0a8890b376e2dcd92051af019a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portaldobitcoin.uol.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portaldobitcoin.uol.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0E8 603 B
67 B 44ms
26ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124525914303576&output=html&adk=1812271804&adf=3025194257&lmt=1643754312&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643754312872&bpp=3&bdt=790&idt=70&shv=r20220131&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3870943842260&frm=20&pv=2&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064528&oid=2&pvsid=2270778085280055&pem=426&tmod=1831328892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 22:25:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/IPB32.png/ 1 KB
2 KB 551ms
551ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/IPB32.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 0cd10f44f0ec3e2739d4f3877e3353ebb7b3ff08028bde7ab3d21f57b39d9dfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 26 Oct 2021 17:37:45 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1441

GET
H2 200 ticker Show response
portaldobitcoin.com/indice/api/v1/ 439 B
575 B 516ms
453ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/ticker?currency=BTC&alt=true
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6bca6128f1667bfba242d961e67a8f03575275a8b41fdd5fecd105cba06adf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 17:51:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWEqW3yZEBs4QG9FXgrXcQaMMDF50dfnmiHB9kfO2RJFpzTquqrHDOVORaKTMi94mLrUGIu0f1j%2FBMHphaLA%2FyaaWMMVzoFVYVPMjJ3qPv0RF05h%2F6aBPjB4RXiJ73igmYB4K9pY2QDSTkCXxmQ65q%2Bc"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e9828ccb6374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 coins Show response
portaldobitcoin.com/indice/api/v1/ 99 KB
26 KB 762ms
699ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/coins
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4ea36b6e77fdee793a889c04714fa519640339f7df11f2258780a400769ccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 21:19:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdQMPmFBp6VqVt7KwjfadO4Wi911Fjix2GYuVnCVOw9PiprJPDqbLz1Fo9KbSls%2BEbqE64RUmPDoW0SY%2BrW7xzAGAqZ5Z4O0wM8b4z4sHR2FjI5YMeFLhKqxFW2EemBGTAWiNru%2BnqOs8B3zlhX1N8s9"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e9828ccbe374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 index Show response
portaldobitcoin.com/indice/api/v1/ 6 KB
2 KB 515ms
453ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/index
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f8b1498341b0901f5d9670a32c696733d9d7c1dee89d5d872004a4767a79ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 17:51:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tn0DkIv6%2B93mb8v51YELLO%2BGeHMNeTw%2B5xwpPhLtEauKWgm5ke9OTL8Jrj8XtJSs0Bmfd%2BIUxdgcxv1nIPCtLfasSmrd%2F9M2u0p9gWDFnX96fysjLc1aqyyowYTvYG8BBnwo4TpFiwCyHn%2BgTjYul3Wj"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e9828ccbf374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 shutterstock_1543306043-350x250.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/ 21 KB
21 KB 545ms
544ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/shutterstock_1543306043-350x250.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: a60ee0defcf22ff93634f94b57e6e8f96511993a866686d79118f740adabfbc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Fri, 28 Jan 2022 14:58:48 GMT
server: nginx
age: 2161
etag: "61f404a8-53f9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 21497
expires: Sat, 05 Feb 2022 03:47:36 GMT

GET
H2 200 WhatsApp-Image-2022-02-01-at-13.53.42-350x250.jpeg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 23 KB
23 KB 543ms
542ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-01-at-13.53.42-350x250.jpeg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: a956d4dd829b20fe09cf8a065057bc9d3134e7dd91234d1073f653efd3bece20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 17:01:30 GMT
server: nginx
age: 527
etag: "61f9676a-5ccc"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 23756
expires: Sat, 05 Feb 2022 04:14:51 GMT

GET
H2 200 WhatsApp-Image-2022-02-01-at-12.44.37-120x86.jpeg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 3 KB
4 KB 538ms
538ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-01-at-12.44.37-120x86.jpeg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: d2d1f99c618b5769b7217e3f192c3cbbc9f78094ebd173250bf8b33675147d51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 15:48:56 GMT
server: nginx
age: 2821
etag: "61f95668-dca"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 3530
expires: Sat, 05 Feb 2022 03:36:36 GMT

GET
H2 200 shutterstock_1996306109-120x86.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 4 KB
4 KB 538ms
537ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/shutterstock_1996306109-120x86.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 3d265cfe07f060823c71a7ef1f9431b4771e201764aa0ceac82f67a8ce930a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 15:31:16 GMT
server: nginx
age: 2821
etag: "61f95244-10d1"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 4305
expires: Sat, 05 Feb 2022 03:36:36 GMT

GET
H2 200 shutterstock_518722330-120x86.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2021/01/ 3 KB
3 KB 543ms
542ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2021/01/shutterstock_518722330-120x86.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: c0a94ae2db0dd23a51408c7f95b5ee7b4832fb1d2df99eb33c1d09792ed8c472

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Wed, 27 Jan 2021 18:31:49 GMT
server: nginx
age: 2821
etag: "6011b195-c72"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 3186
expires: Sat, 05 Feb 2022 03:36:36 GMT

GET
H2 200 shutterstock_1676281792-120x86.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2021/12/ 4 KB
4 KB 543ms
543ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2021/12/shutterstock_1676281792-120x86.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: c2fa1582ffa0e2eb5a7513667bbaa63f5f29031f37760dea9a5c43b6789c677f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 21 Dec 2021 17:48:52 GMT
server: nginx
age: 2821
etag: "61c21384-e84"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 3716
expires: Sat, 05 Feb 2022 03:36:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 45ms
20ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98991334-1&cid=289430633.1643754313&jid=1251606273&_u=YEBAAUAAAAAAAC~&z=1252926449

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 56ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98991334-1&cid=289430633.1643754313&jid=1251606273&_u=YEBAAUAAAAAAAC~&z=1252926449

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WhatsApp-Image-2022-02-01-at-09.08.36-350x250.jpeg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 21 KB
21 KB 538ms
537ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-01-at-09.08.36-350x250.jpeg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: a846c83b4020af0dbf31b1feb5368bdd0ee8ba5967c00daa34d8ce72161e9db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 12:08:11 GMT
server: nginx
age: 564
etag: "61f922ab-530b"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 21259
expires: Sat, 05 Feb 2022 04:14:14 GMT

GET
H2 200 shutterstock_1030451626-350x250.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/ 14 KB
14 KB 530ms
529ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/02/shutterstock_1030451626-350x250.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 1a920ff6636346b8d6d4d874b1063ad90ada93f75df9dd435b026108096c052f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 01 Feb 2022 11:10:44 GMT
server: nginx
age: 1509
etag: "61f91534-37da"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 14298
expires: Sat, 05 Feb 2022 03:58:29 GMT

GET
H2 200 shutterstock_299401883.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2018/10/ 31 KB
31 KB 522ms
521ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2018/10/shutterstock_299401883.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: f1efe7ade86d518b386d775f80991a542daa43b7ba7359579adb8968c0738b90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 27 Aug 2019 00:36:52 GMT
server: nginx
age: 1209
etag: "5d647b24-7b81"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 31617
expires: Sat, 05 Feb 2022 04:03:29 GMT

GET
H2 200 shutterstock_2114108573-350x250.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/ 33 KB
33 KB 538ms
537ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/shutterstock_2114108573-350x250.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 62153f07b8c253ba34daaec5606127c97cd20b6ab96c44f86deef696adc2026c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 31 Jan 2022 12:50:39 GMT
server: nginx
age: 527
etag: "61f7db1f-82ba"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 33466
expires: Sat, 05 Feb 2022 04:14:51 GMT

GET
H2 200 shutterstock_1220685655.jpg
portaldobitcoin.uol.com.br/wp-content/uploads/2020/04/ 188 KB
188 KB 538ms
537ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2020/04/shutterstock_1220685655.jpg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 07f49ecd1dc4f24b57a7c57537a93898779ac1a8d18c9d09e66677883cce6fae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 13 Apr 2020 12:29:08 GMT
server: nginx
age: 2051
etag: "5e945b14-2ee24"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 192036
expires: Sat, 05 Feb 2022 03:49:27 GMT

GET
H2 200 WhatsApp-Image-2022-01-31-at-17.04.32-1-350x250.jpeg
portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/ 10 KB
10 KB 536ms
536ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-31-at-17.04.32-1-350x250.jpeg
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 05aea1379cfa4a7d231302207ed1d524743d7d165093eae37eb88d53769ff9c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 31 Jan 2022 20:05:12 GMT
server: nginx
age: 2138
etag: "61f840f8-269c"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=280800
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 9884
expires: Sat, 05 Feb 2022 03:48:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jegicon.woff
portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/font/ 7 KB
7 KB 533ms
533ms Font
font/woff 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer: https://portaldobitcoin.uol.com.br/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Origin: https://portaldobitcoin.uol.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Wed, 19 Aug 2020 18:00:00 GMT
server: nginx
age: 1518
etag: "5f3d68a0-1be8"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 7144

GET
H2 200 ticker Show response
portaldobitcoin.com/indice/api/v1/ 379 B
839 B 448ms
446ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/ticker?currency=BTC
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ef04fe42bfd7cc873ba06dd25243617a76755e49ba73599905434a74b02fce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 22:20:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1GeEKa%2BPLRPV6BHmfEtETwlCECKHLieKHppgKOr2ZXOPQy3poFyKWmluDyvkZo8vDA%2Ffnf5aOpyzycld9Z0Bnfu62wDjSv6UKR3%2FFZvoAEtLLdU4iLz06AruByUqE%2Fz2khw0gOe1RCl%2FtaxY149hIsG"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e9828ccbb374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 coins Show response
portaldobitcoin.com/indice/api/v1/ 3 KB
1 KB 453ms
451ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/coins?coin=BTC,XRP,ADA
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9c3e25002c15649cf0f61381158425d5cb8e76d13d6d54859c7e63866a3e01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 22:20:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RvGjN4n1AN2kORAVdcdBHscTHnrScTaO0mp2Usxsus6VdP9pJFvMOo%2FYB1c6PwgSuf86%2BpZ63zqMMNpkammnXT%2FgY6wUm%2BGS4FdzTkTary5Z76HXBhilAb9jwlve2erAF4i05B5AIA%2BaAMC88MVFdDO"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e9828ccba374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 BTC.png
portaldobitcoin.uol.com.br/indice/img/ 2 KB
2 KB 518ms
516ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/BTC.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:21 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1573

GET
H2 200 ETH.png
portaldobitcoin.uol.com.br/indice/img/ 2 KB
2 KB 518ms
517ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/ETH.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:22 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1759

GET
H2 200 LTC.png
portaldobitcoin.uol.com.br/indice/img/ 1 KB
2 KB 518ms
517ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/LTC.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 12523501996e31c888ba97e221f91e2033222e7e7c7a21e1e755133f45646c7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:32 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1507

GET
H2 200 IPB32.png
portaldobitcoin.uol.com.br/indice/img/ 1 KB
2 KB 517ms
517ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/IPB32.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 0cd10f44f0ec3e2739d4f3877e3353ebb7b3ff08028bde7ab3d21f57b39d9dfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Tue, 26 Oct 2021 17:37:45 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1441

GET
H2 200 XRP.png
portaldobitcoin.uol.com.br/indice/img/ 1 KB
2 KB 518ms
517ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/XRP.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 81adb16c8bb35872dda383ce3a44a4c88acab45aeebd14352ae9fee24582651b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:24 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1344

GET
H2 200 ADA.png
portaldobitcoin.uol.com.br/indice/img/ 2 KB
2 KB 518ms
517ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/ADA.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 8f4db8387015ff9cd69562542ad02e294fd0ee2caa394c7d79b6a7af2cd0a7b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:24 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1703

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 92D0 197 B
837 B 262ms
16ms Document
text/html 2600:9000:2251:9e00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Tue, 05 Jan 2021 17:11:27 GMT
content-encoding: gzip
date: Tue, 01 Feb 2022 22:16:01 GMT
expires: Tue, 01 Feb 2022 22:26:01 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: IHfn7H-YDdtHNmhh0Fqi1OBzhf57ayusIXmfAbEPpeHmmojLXwQ0tg==
age: 552

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 134ms
110ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

d4bc3ba9aec293219630e2a007c7091bad483ceb74779ace8c2c525732cd0985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27301
x-xss-protection: 0
server: sffe
etag: "1119 / 554 of 1000 / last-modified: 1643717098"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 01 Feb 2022 22:25:13 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 9ms
8ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:18 GMT
content-encoding: gzip
age: 1195
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 5277
access-control-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:51:00 GMT
server: marrakesh 1.16.6
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: hUvY7buVFe0Z6Gfyd--S244j6h2fPlYDW2D061rj3R-vPfAEubVFfw==
expires: Tue, 01 Feb 2022 23:05:18 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 135 KB
18 KB 9ms
9ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 2a1e278d7fc082b3bf0de39e47f2ddacf260ae25c2af933c1e50de5c0f1e5899

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:16:00 GMT
content-encoding: gzip
age: 553
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 17645
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 14:29:15 GMT
server: marrakesh 1.16.6
etag: 8e7fd0d2f19569b7354713312af6962d
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: wi9YUSvMm6HjXnGUgf1n272qncIfdrgv4T2v1CQ5G6q4JTNtfaHyjQ==
expires: Tue, 01 Feb 2022 23:16:00 GMT

GET
H2 200 policy-banner.js Show response
tm.jsuol.com.br/modules/ 13 KB
5 KB 8ms
8ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/policy-banner.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f153f40f822d39380a481c6873c18795229a865e35d14d0aa94c0afbbc5b167d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:18 GMT
content-encoding: gzip
age: 1195
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 4612
access-control-allow-origin: *
last-modified: Thu, 16 Sep 2021 14:11:14 GMT
server: marrakesh 1.16.6
etag: 7517a93881865b199b8c477184363723
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: vhhlUb1mj_hBViLUc95r2SwWc7bHCu3WTWdjZt6dhit2bvtxCPpc7w==
expires: Tue, 01 Feb 2022 23:05:18 GMT

GET
H2 200 parceiro-async.js Show response
jsuol.com.br/barra/ 13 KB
4 KB 1020ms
212ms Script
application/javascript 2804:49c:4208:405:ffff:ffff:ffff:3
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=portaldobitcoin
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:4208:405:ffff:ffff:ffff:3 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 4686dc7c34b149b626ab16806d01e0f22395a6152914958516887c67ceb6ed2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 12:28:38 GMT
server: marrakesh 1.16.6
etag: b34ecce1f5cfe6410b8ef604fde4286a
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET, HEAD
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 3694
expires: Tue, 01 Feb 2022 23:25:14 GMT

GET
H2 200 portaldobitcoin.js Show response
me.jsuol.com.br/aud/ 14 KB
6 KB 1019ms
212ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/portaldobitcoin.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: e355c038be97b5f05a5d8736278b89931ab827c62389b1c37fb6e85c1d52dd45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 13:25:06 GMT
server: marrakesh 1.16.6
etag: f34536c54ebff4c364c99893ba05e86d
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET, HEAD
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 6088
expires: Tue, 01 Feb 2022 23:25:14 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 8 KB
4 KB 8ms
8ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=apcck8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6410ce750d01ceff4d65ec282babbed0c97e981737229bd8a3bd2e4d7154da2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:18 GMT
content-encoding: gzip
age: 1195
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 2939
access-control-allow-origin: *
last-modified: Wed, 24 Nov 2021 12:50:12 GMT
server: marrakesh 1.16.6
etag: fea8f2acd4ddf43d3d135c798354616b
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: RSOjXy9nYpjCSMtEBHB1tENRMIkUUMXQSkmTLxq42lzCg3qjSEdr7g==
expires: Tue, 01 Feb 2022 23:05:18 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 108 KB
34 KB 1234ms
429ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE12 / DynAd.net
Resource Hash: b789b1da352bba94946ddfe7f898daea8622b3b9e59cbdfd51cfd9a242ff938d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
server: D3-FE12
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.558 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H2 200 policyVersion Show response
upc.udr.uol.com.br/api/ 38 B
408 B 63ms
20ms XHR
application/json 2600:9000:223d:c400:d:bb6e:2980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upc.udr.uol.com.br/api/policyVersion
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/policy-banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:d:bb6e:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 450047a0f4712cab19f1c2563ee80af7efb6b76dc482ad5795a29c83663254a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 17:55:19 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
server: nginx/1.18.0
age: 188994
vary: Origin
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 38
x-amz-cf-id: t7XGGEp0YnvbhGggSQX4yASpXT3jaMU5SRoi9gE9nbhdfoMDiok3nw==

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
531 B 139ms
109ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
7 KB 15ms
15ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:21 GMT
content-encoding: gzip
age: 1192
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 6125
access-control-allow-origin: *
last-modified: Mon, 31 Jan 2022 09:34:54 GMT
server: marrakesh 1.16.6
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: pwkh9qb5irAZQtZ-Aj-VoBdi3X37DTywuLLjvN_MyR0gh-TvW7dakA==
expires: Tue, 01 Feb 2022 23:05:21 GMT

GET
H2 200 userConsent Show response
upc.udr.uol.com.br/api/ 27 B
396 B 40ms
21ms XHR
application/json 2600:9000:223d:c400:d:bb6e:2980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upc.udr.uol.com.br/api/userConsent
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/policy-banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:d:bb6e:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 635d071ae31125c5e23d93a86781ac0fddd0a23ea1aea928a1d45384b6f1e536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 17:55:19 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
server: nginx/1.18.0
age: 188994
vary: Origin
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 27
x-amz-cf-id: aQtkmiiqKsIgkfqt_jYf1aQfaNN7tIdyBPKWAwASGSFpdhAV8dSuqg==

GET
H3 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 31ms
9ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Feb 2023 21:51:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 749 B
267 B 40ms
20ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portaldobitcoin.uol.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

312d863dabb6b960a2ca9b26826807c46b5330b1632b571c3f14f9243cc3f1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
expires: Tue, 01 Feb 2022 22:25:13 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 14ms
14ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:22 GMT
content-encoding: gzip
age: 1191
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8357
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:15:09 GMT
server: marrakesh 1.16.6
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: JZGHvGOrZnieB1kUwcsG7pMAYPxatsx9J7P0ThQeZI1-_pvNM0zChw==
expires: Tue, 01 Feb 2022 23:05:22 GMT

GET
H3 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
91 B 131ms
114ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:portalbitcoin:1&tK=1643754313&tM=direct&tL=direct&tN=direct&tY=3&tZ=57405871
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
150 B 123ms
116ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 8f91525bdc6d74bb66a55f1cb8e082cfcbf7db12486a6ce7ab5bedbff5c87d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 92D0 4 KB
2 KB 19ms
18ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:14:10 GMT
content-encoding: gzip
age: 663
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: BTg5cSDhzQBbXeSDP6Mbk6H16ZNTpK1NLv8s1bkvU1q8wtsGkRposw==
expires: Tue, 01 Feb 2022 23:14:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 89ms
56ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portaldobitcoin.uol.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 86ms
56ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portaldobitcoin.uol.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 316ms
316ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2270778085280055&correlator=1088026939185663&output=ldjh&impl=fifs&eid=31060439%2C31063821%2C31063823%2C31064613&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=8804%2Cparceiros%2Cportal_bitcoin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dportaldobitcoin%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3D64ecff70fbd112e7-22efd0fb30cd00f8%3AT%3D1643754312%3ART%3D1643754312%3AS%3DALNI_MaimIZsmxSsZVly7rA64pqYB62WDg&bc=31&abxe=1&dt=1643754313436&lmt=1643754313&dlt=1643754312082&idt=1306&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3938255830&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=true&fws=644&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b553cb7bbf360cbbe9aa5e62af7fe288a034b0781127c9d3c461142ab5f3ee77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12181
x-xss-protection: 0
google-lineitem-id: 5907021083
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379693374
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B4FB 6 KB
4 KB 116ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 01 Feb 2022 22:25:13 GMT
expires: Wed, 01 Feb 2023 22:25:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 627ms
627ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2270778085280055&correlator=1088026939185663&output=ldjh&impl=fifs&eid=31060439%2C31063821%2C31063823%2C31064613&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=8804%2Cparceiros%2Cportal_bitcoin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dportaldobitcoin%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3D64ecff70fbd112e7-22efd0fb30cd00f8%3AT%3D1643754312%3ART%3D1643754312%3AS%3DALNI_MaimIZsmxSsZVly7rA64pqYB62WDg&bc=31&abxe=1&dt=1643754313468&lmt=1643754313&dlt=1643754312082&idt=1306&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=198&adks=4089557028&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=1285x294&msz=1285x-1&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

264a9f68bc3265a6194508c165442f355ca9caca4c5a8b0d5316bd671a3fa98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10076
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 996ms
996ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2270778085280055&correlator=1088026939185663&output=ldjh&impl=fifs&eid=31060439%2C31063821%2C31063823%2C31064613&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=8804%2Cparceiros%2Cportal_bitcoin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dportaldobitcoin%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3D64ecff70fbd112e7-22efd0fb30cd00f8%3AT%3D1643754312%3ART%3D1643754312%3AS%3DALNI_MaimIZsmxSsZVly7rA64pqYB62WDg&bc=31&abxe=1&dt=1643754313473&lmt=1643754313&dlt=1643754312082&idt=1306&frm=20&biw=1600&bih=1200&oid=2&adxs=1088&adys=482&adks=1912566433&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=408x44&msz=408x0&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2490dca056df88c5fa2b7d13f670ea9ec6da600d14641e058e59ab9ec72cb43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9223
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1550ms
1550ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2270778085280055&correlator=1088026939185663&output=ldjh&impl=fifs&eid=31060439%2C31063821%2C31063823%2C31064613&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=8804%2Cparceiros%2Cportal_bitcoin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dportaldobitcoin%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3D64ecff70fbd112e7-22efd0fb30cd00f8%3AT%3D1643754312%3ART%3D1643754312%3AS%3DALNI_MaimIZsmxSsZVly7rA64pqYB62WDg&bc=31&abxe=1&dt=1643754313479&lmt=1643754313&dlt=1643754312082&idt=1306&frm=20&biw=1600&bih=1200&oid=2&adxs=217&adys=2607&adks=2945776321&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=846x44&msz=846x0&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

fb7d63e9133e595daf4f3c497119716e275f35bd5fa388802d69da5de9a34813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8995
x-xss-protection: 0
google-lineitem-id: 5437264203
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318687930
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 1312ms
1312ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2270778085280055&correlator=1088026939185663&output=ldjh&impl=fifs&eid=31060439%2C31063821%2C31063823%2C31064613&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=8804%2Cparceiros%2Cportal_bitcoin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dportaldobitcoin%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3D64ecff70fbd112e7-22efd0fb30cd00f8%3AT%3D1643754312%3ART%3D1643754312%3AS%3DALNI_MaimIZsmxSsZVly7rA64pqYB62WDg&bc=31&abxe=1&dt=1643754313484&lmt=1643754313&dlt=1643754312082&idt=1306&frm=20&biw=1600&bih=1200&oid=2&adxs=217&adys=1259&adks=2945776320&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=846x44&msz=846x0&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4ea34c1d36b23fb7bf4e0931d297210e14050e7f34ae38a7b2d49379681c24b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9650
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
udr.uol.com.br/ 76 B
556 B 250ms
179ms Fetch
application/json 2600:9000:236e:ae00:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/?scopes=base-assinantes,user-preferences,corporate,inscriptions
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:ae00:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 3d34e266cff7daf684b00f9b416ed963117deae77d3ce5c784660c54ddf3e638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA60-P1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-length: 76
x-amz-cf-id: OPadC-8hPWbz70r4y0Dj9Ko2tB7imoH77eKe2SXwrWxQz7ZOLxc3tw==

GET
H2 200 ticker Show response
portaldobitcoin.com/indice/api/v1/ 372 B
564 B 445ms
445ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/ticker?currency=ETH
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7381300dff18f502aff136f708b906a011921c25b53a9b1a6dbb447cbee2de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 22:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLgRdkogfTCawM62e45PRMzhmXQ9LqE6eIq6aVM0AnE2yDm%2BpHV%2B6fJhnhNoVnvOPOsECHLlICAwevs6jrVQlBubXezRJJa5geM9NwOIpXY7vU8aOqCeGNCz2UFWw1oBm5qLOcBGIMA%2B%2BMbCHmLOWDhC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e982b9bbe374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H3 200 b Show response
b.t.tailtarget.com/ 126 B
124 B 144ms
143ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007F49B3F961D1068A7302495B40&tX=b.52&tZ=541794701&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 406095ed0a9d3c88602e22c53d877053de68f8bb1c8278dcf809773fd0eccbd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 store
udr.uol.com.br/ 0
0 279ms
278ms Fetch 2600:9000:236e:ae00:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/store?scope=tt&data=tt_cluster:na;
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:ae00:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA60-P1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: max-age=86400
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-amz-cf-id: itbvBtTiNqd49R1WRSzO5bZUa0mB4NH6FdTWc6rGzzNWIkiLUZV8Xg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6EC 0
0 62ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYUIFLjD9-oajmHpQ8PxH9q79X4eAxdxYWy7JM81czEybTi2g0Ymd0N9f-rlbENmDtxM7nhGt0VPjVTY8kH0IpNleoLBWB4SfG1lQGhm1iFbUjp_x6g25CvOLz0s5y26lfaG2BbRYOUfvvM60OI0BHBWSjpKG6NwH0FEBfrwtA9VvX4nMzeA0bpJsqkfrvA6TIXd-_vdYo7AuwJRrx3dhKOU3gQzsMSVTulFP0jX0Z3QzE1P2Ee8pNO2aValBgBxUvpApfQ8DMvlypg8_ms0OqAiGxHdnNqgXlnk8pH9I7nxYH3c27MVUcMbidD4RMCRDYg4ey_apGLK9qFILSDQ&sig=Cg0ArKJSzAqplrBuVKcPEAE&uach_m=[UACH]&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame B6EC 2 KB
2 KB 137ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:23:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6EC 123 KB
38 KB 151ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:25:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B6EC 0
0 77ms
40ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYa_wzICYuKQ0jBC1QfHKqJ8Dcck7a63_2liYsJ8lc6gWMQdHFBQdtLi91wcZwQxA1obQqZgba9NoUyLym_VhhKM_-Rw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 14121542506967716393
tpc.googlesyndication.com/simgad/ Frame B6EC 9 KB
9 KB 137ms
54ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14121542506967716393

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6bc941d7d6a3d66292a506378c7c6e2e765a15280fa7e56cbd02a8e17079ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 06:06:55 GMT
x-content-type-options: nosniff
age: 58698
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8974
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 13:08:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 06:06:55 GMT

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/SOL.png/ 392 KB
393 KB 226ms
224ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/SOL.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: edc2f59d05d2fffed23091cc693e42114fbed342a794283c715f85524fb4e79c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:25 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 401624

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/MINA.png/ 3 KB
3 KB 222ms
220ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/MINA.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 2fb7f5739c9d862a22dec28c181d2218487ab202b7729a88462139ae4873da91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:43:05 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 3333

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/GRT.png/ 2 KB
3 KB 225ms
223ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/GRT.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 409066a1dd514dfffa9f6492c3c0ef37d49d5ea49b86270c1fbe8d31fb29e7df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:49 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 2473

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/LEO.png/ 2 KB
2 KB 223ms
221ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/LEO.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: e313a2ab2e82f6944956fbaea510bf0047c6e3ca8a69b67a333bcd4f7b818166

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:40 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1695

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/EGLD.png/ 9 KB
10 KB 222ms
221ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/EGLD.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 3881df512f8c292238a6ce58f703dba1e7cf3914e0281b02d5d951bd5696598f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:44 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 9567

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/UNI.png/ 2 KB
2 KB 225ms
224ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/UNI.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 8b19a61a5d1cd4295bb8c4641af8e0980c1e13b30716a0d7c329455d27e26e82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:33 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 1930

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/FLOW.png/ 18 KB
18 KB 223ms
222ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/FLOW.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 22e62f07c3d37c4e0b8f717bda7ac0c60362fb80380c9f6def693dd4f9b4567c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:51 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 18608

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/SAND.png/ 683 B
882 B 222ms
221ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/SAND.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: a380b22eb284e42a920b51c0154138674af944f4f9a6df3550dad00767363c5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:43 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 683

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/LRC.png/ 956 B
1 KB 225ms
224ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/LRC.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 94f2d40ce4f18b3b77bc513987e1154b6b9238ededecd1a794717b07b4ef6363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:43:00 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 956

GET
H2 200 /
portaldobitcoin.uol.com.br/indice/img/HNT.png/ 342 B
541 B 223ms
222ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldobitcoin.uol.com.br/indice/img/HNT.png/
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: hugogloss.com
Software: nginx /
Resource Hash: 49ea0b5132d871b994e37f74e8a372306457ff6793ad457875495b8cd0319e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
last-modified: Mon, 24 Jan 2022 17:42:46 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=2678400
x-server: E-Consulters Web
accept-ranges: bytes
content-length: 342

GET
H3 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
116 B 121ms
121ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=758836742&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: c94d6e372e040ee6aadb4ef8311b3938c5cd662cbee5cfcc22621ce1696b4c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:13 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6EC 0
0 51ms
51ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQQuYcrH86qsVOWSYoOQKA1QljqCXvMeWFnnwLvwjrMv1uZvt2O9PMDqfhPRSQf23xrmxBetNakukhX5B8Q6FLd4lF0u69TLjd6giGw9fWhCgOAP-1wtNv2v8pDF2vAx4vCI4y32s-uIcNlI7VUrVDKApuOSXnJuUoPb9F0kZf6Qu5-xf7o23KRU_IX6mWjqIBA23fBxuhdMAzsCDRBKT0MEYKmNkHbWYy59g4gYzO3HjFTAfa-TyOmnOvVZ-JmXcoyK0fr-ptgPwLmLfDSzlvWggta1ltIILh3ZUVFm5L23c4b6hXCMq0O8YkY5nE2Pnl_4pIsMwQ9PCIUH-mJC75&sig=Cg0ArKJSzHOcaTI1VrzOEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame B6EC 1 KB
1 KB 63ms
14ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 04:14:38 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 65437
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 6GS22RillY55yiWJxb1L8MHj8-M6uydzn6_kcyu2uEacBzgqPBeiTA==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/ Frame B6EC
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

13ms
13ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:03:18 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1317
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: SXQybp1BE8PZ1A-CYeGHUtlVLkXca0l2jVaG7C8i_M7Ud6dnFZU3Pw==

Redirect headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: HjFDGBskw5YlPkVV7-aDDeItbZLKWhd0EInHXF_tLLwVn303zV1ung==

GET
H2 200 ticker Show response
portaldobitcoin.com/indice/api/v1/ 361 B
553 B 462ms
462ms Fetch
application/json 2606:4700:3036::6815:163e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldobitcoin.com/indice/api/v1/ticker?currency=LTC
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:163e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5706ba2c54d9646655168aa1e2750a25fa9b606e65232eb77323d706fe5a030a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Feb 2022 22:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3AWe9f7MWWQo2OTaDGR5S1EdRQFVCjYjt3lYxOP0KBtBkVzoEnRHqytBMDn3VRI0h1KogVOR9balZUmgRbNidtZrGfAGwXw4NhQicdbQDzxkpbFd2j922HLdkvKPRUAWNTOwNMddLa88vj2W%2BxGnXkC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=120
x-server: E-Consulters Web
cf-ray: 6d6e982e9b24374f-MXP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 fb4021a9e8c63bab32be231a648ca7c8332910f1ccac555c7344ced3a16df865
m.t.tailtarget.com/sync/TT-10162-1/ 43 B
138 B 130ms
115ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/fb4021a9e8c63bab32be231a648ca7c8332910f1ccac555c7344ced3a16df865
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

204

b2
sb.scorecardresearch.com/ Frame B6EC
Redirect Chain

https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1643754314061&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c9=
https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1643754314061&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c9=

0
225 B

11ms
11ms

Image
text/plain

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1643754314061&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c9=
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: xLtqdPKO3VUW7vLVRgjHm6IvhGXWgOO-ED_9i5J-grmBdlXcLMkFMw==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1643754314061&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c9=
content-length: 179
x-amz-cf-id: FxL43o-sgtoyVPhLVuUe8muWpDUg8HeABytkBRk1HJTKHHy_8qV5mg==

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
272 B 114ms
107ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=___se_1643754313641_3644888862&tJ=&tQ=portalbitcoin&tU=0100007F49B3F961D1068A7302495B40&tX=b.52&tY=1&tZ=337661802
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 container.html Show response
c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC3A 6 KB
3 KB 41ms
18ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 22:25:13 GMT
expires: Wed, 01 Feb 2023 22:25:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 uol-icones-setas.eot
stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/ 24 KB
24 KB 1162ms
479ms Font
application/vnd.ms-fontobject 2804:49c:3102:405:ffff:ffff:ffff:7
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.eot?2017
Requested by: Host: jsuol.com.br
URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=portaldobitcoin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 1ae8bbb7baf2bcf96f7e2cf9a63b11603ce80e344d19425d4f93241a95fee40e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
last-modified: Thu, 29 Jun 2017 15:57:04 GMT
server: nginx
age: 7913
etag: "5ed0-5531b5a13742c"
access-control-allow-methods: GET, HEAD
x-varnish: 100087917 98948429
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-cache: HIT
content-type: application/vnd.ms-fontobject
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 24272
expires: Wed, 01 Feb 2023 20:13:22 GMT

GET
H2 200 uol-text-regular.eot
stc.uol.com/c/webfont/projeto-grafico/uol-font/ 18 KB
19 KB 1401ms
719ms Font
application/vnd.ms-fontobject 2804:49c:3102:405:ffff:ffff:ffff:7
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.eot?v5
Requested by: Host: jsuol.com.br
URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=portaldobitcoin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 80aaf8f87007d51ed26c959e07b74357f73f280e7a4f17869a92fd1c73bdd2db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
last-modified: Tue, 03 Nov 2020 20:43:38 GMT
server: nginx
age: 7838
etag: "49bd-5b339ead6b44d"
access-control-allow-methods: GET, HEAD
x-varnish: 100087918 98960998
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-cache: HIT
content-type: application/vnd.ms-fontobject
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 18877
expires: Wed, 01 Feb 2023 20:14:37 GMT

GET
H2 200 uol2021_completo_white_178x64.png
imguol.com/c/_layout/v3/logoUOL2021/ 3 KB
3 KB 926ms
245ms Image
image/png 2804:49c:3102:405:ffff:ffff:ffff:7
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imguol.com/c/_layout/v3/logoUOL2021/uol2021_completo_white_178x64.png
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 7e2f04029abafb1d17957d7301479ebd6627314236cf3b7800592f1d6c34c501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
last-modified: Thu, 25 Mar 2021 21:02:24 GMT
server: nginx
age: 22665242
etag: "22b153663c1321a3450f672a1ea0a85d"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-varnish: 604566246 600016651
x-cache: HIT
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 2634
expires: Sun, 15 May 2022 14:31:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/portaldobitcoin.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1222
date: Tue, 01 Feb 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Feb 2022 00:04:52 GMT

GET
H2 200 uol-text-regular.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/ 26 KB
26 KB 1150ms
478ms Font
application/font-woff 2804:49c:3102:405:ffff:ffff:ffff:7
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff?v5
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee

Request headers

Referer: https://portaldobitcoin.uol.com.br/
Origin: https://portaldobitcoin.uol.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
last-modified: Tue, 03 Nov 2020 20:43:53 GMT
server: nginx
age: 5326
etag: "663f-5b339ebbb947f"
access-control-allow-methods: GET, HEAD
x-varnish: 1295397764 1294672014
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-cache: HIT
content-type: application/font-woff
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 26175
expires: Wed, 01 Feb 2023 20:56:28 GMT

GET
H2 200 uol-icones-setas.woff
stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/ 24 KB
24 KB 1386ms
715ms Font
application/font-woff 2804:49c:3102:405:ffff:ffff:ffff:7
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.woff?2017
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 28c48173a3d22a330c9be901a0d58053bea418e04957197f1e3fb2784da355dc

Request headers

Referer: https://portaldobitcoin.uol.com.br/
Origin: https://portaldobitcoin.uol.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
last-modified: Thu, 29 Jun 2017 15:57:04 GMT
server: nginx
age: 5158
etag: "5e40-5531b5a137468"
access-control-allow-methods: GET, HEAD
x-varnish: 1295397765 1294695855
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-cache: HIT
content-type: application/font-woff
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length: 24128
expires: Wed, 01 Feb 2023 20:59:16 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

13ms
13ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:03:18 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1317
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 5mJWYkC4GfEokT1Pju9bG7sOGWKlmkEnECXVUULyWzXxkSP1YzM8cw==

Redirect headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: 7HnptKaF3a6V_ExLEyD3sNQukkt_EBDSqae6gd1kgC28eYb6jrmtfA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1739137194&t=pageview&_s=1&dl=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Bitcoin%20-%20A%20nova%20economia%20e%20o%20futuro%20do%20dinheiro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=106193808&gjid=1767653389&cid=289430633.1643754313&tid=UA-97689914-231&_gid=601692819.1643754313&_r=1&_slc=1&cd1=Parceiros&cd2=Portal%20do%20Bitcoin&cd3=Portal%20do%20Bitcoin&cd11=normal&cd4=289430633.1643754313&cd66=1643754314174.qx053sr&cd85=dd991084-5a0b-415f-930f-ee32a2c7e3bc&cd87=banner%20pendente&cd88=banner%20pendente&z=506622660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldobitcoin.uol.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 72ms
42ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97689914-231&cid=289430633.1643754313&jid=106193808&gjid=1767653389&_gid=601692819.1643754313&_u=6GDAAUABAAAAAC~&z=719474571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldobitcoin.uol.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Feb 2022 22:25:14 GMT
content-type: text/plain
access-control-allow-origin: https://portaldobitcoin.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B63 624 B
297 B 32ms
31ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNW8EL6XwKE2wVXdPUKPDuQ_Jg-5TGyu3n3E85KXz_63yeDIZDpe_lIWs_tSV-_1JHG1Cej1PTWEZ-q-IqFge_C326kwjlyCuORlz8jmBuhQLkCKFXeRx5n3XEDjsJMkMeMSjloX6wPcYdZJ1Ox7K2PkIsrmPQW_fXj7FvDrDhMCcF4sxgY

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 22:25:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A37 75 KB
31 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpPQNQIbX1yCLvxZK5scEmi0G3qdcTaUlXM3_sowOuKtoRxW7hz5zrtDhejgNsTkuDJ_-xZbDDx0XLJ5oyIxrt6W3hFcbyE5BkDSby8iVbgbgNz3OCQRReM90TNPZ2CJvOpEsg0NJuyQwCwfkDm5fVZxYrYw&dbm_d=AKAmf-Cfxkg8ZOF8eUJDp8e__y-ptxN67PRfu3mmEk-k4roJgKvHGmS6dxsUCC85hd9iRbUlHW2Qh8m-oSw4WHlaqLGNqDtfq_l_xt4G_vMYDgEcTFkc1qlG9ruXQ6OB8-nLG-4LDBsioY0MncWN-6ad9iWWv3RQY1G3-jBn3slPTh8z-eUPJ4CTHsC4HiEiN5qpMwkh8qzURTSA8yG6ZvBBKjfhrktCLL3viJ4y0A254bNsmETa38__WB_DkA_W3k1CYa71YxbUGAOSRE7B_JukY-v92C2GIhrBwAvCcftKiTcmb516UHUjjJXJkutYX3SUUoIcdgfIZMElG54cd7530fq5WzmkN3KdwLv2sfWK1_zTlNzbya-DG6IFB4G5fG7DlBnRHiEO-Xq4n5-W7w-8ncNI2bmxM3-09L_79HwSi5AH-cnZB2JTM9lpMiXaFp5LzkdiZnzpEuomQgB3y5OxTnfSnjvX_qM_JXJUHCrQVNt6BzqSOr8z9toiP39SBXuM9p2OUvDkLq6yPDkWUY1MrhUKA6nJDJCJ-l7EDRGITBUXsh3ZlY3igYhQzZXot4YF6BdWBqAxhqQTMDNjgBCoYUmv0RwNHKquWTU-A4hgBz_OfLdkmQZyRUYAlhVGLJ4-lkTmOPMeBRurIQS0u0Z0UyhfteG5BslCXyGwn2cefdKjIZzRXNb7HpZgoOBoY8j8ISfDn4Z7g722OuRWfeC8_3lZVHAWAZpv9IMvC8EEIWULgVbEcz5lo8nfinMpnO0UsGSqp02d1VDqkuMxW8M8gM4sr1gtK2X5S9CI5oBqBTf4IIwMhEQXwzK2KNGyF7QyU2ppagqulHFBhNN-cwxKpZnQYa-EoLazhYnLbSTZQpKQ9sejRtTUkYYARA40crOooklTBXBwD2smYFLI4EKE3cDJvbZUw5HKb1Es4zZrduDuoNHGpCeSQrVBQVcDYSrGB5juwgOzaMItwdaTvdn6OwSXwNz0DRg0Ok3boFvYxDtICBZWFIgsCuT5-Bm0Yil7h4AGm2mds4wu2pEw_lpMIR016eecw9fa_VM03Qj3TAq3jeN064HVpT_RU4d79C5bNgYk-Ts2AvbhAHwawZoHXTTP-Z8HnOFuXhUFzLgAvAq_00_dWlok8s66Mau2ZwXwoaJNx4VKeWtOElOquRmSDkeNJ2l5F7RVjLDf6vsEgl_oKFQvzjdIExZ_ciUwCPkkneJFDzPhpSm8kGevP6DGVy8JatSooVdPTXpTWK0qEKliOQTYEqcGC0avq0OGXQBcj9FDLaNMvSQUNvWPvFD1o1HyA2L67CxMGTHl13Aq5FHYc2quBjjr-k9jd60hFcoEQzZcnjVJYR5iF8AngtW-puKU_BVqvsl1geyctXmz7lpc61n-yuxgm6-RJuWxqWbY4iCSLhWbRARbZaW2tOgcVtyBGsBRgWY6BofanuvRGk3BEY1NB6t8qK0B2Vyr93VGvL8otbHiWJUYq86MDFNYIhSiehM824bQb2Jck3YT6AoyTlYuvmb4L-9lkC5mqE7eqW93DvJ7kdrrNF0BYnLUHfnDEDuzgXBYpxf8Kt7Rt6QvWVBLftVumpLxXzx93QKjsafoUu3SjKqSDU5lW0GwIPjzIYep4QFXsoTTzKZPwnWCwshIeABl09_TVCy029rojO9U3b58jGqvE8IGhSlUr9LEhodYOCdBUa1Ly_jzDKRV6YwzsALA--lchGjdWdypLQ4JAwcRU0fUR6ugO8iSu4Zza49vhul9VQUrTEML8PIyA_-PKykW4QxlOMTYECfQTFTnN419nL2V26wT5_53-sJQmR3DG-A8m6gXXfUJa8p8mXy8yho2HFn7o_nEyvGByyPv8zJk6GNHISccBZ6WB_5eY7Mhc2htWBgXp5JGVRc4x4SCLM01zGp8gw8-X4SoTwBcnHnFZr44lD4jn_nmWKI_BIv6D51Bzd6PA3JZko2yP8gqNfAqXAMFE2YgLh6_qj85Mmr-TFyS17Moyzs8W2Z1RWSoX0_Qr5q0yCTgbfAqHhPXMnIB1bUAoZV0RVYnbL2JgQTuTr6YdCuC4a6Gu3_9__eNS42Svnrx-Rhhn8uHMwTty0NERPDUig2Js-kJKddfpJIaqvVjlMt_-KtNUwrU_TR1czdx_k0sC1OJLdGOW9ASeXsQ2tQmnl7HqtKal7Wp68LPWgg43r3Z9w2efvDP2aToYn0uzeyKsWOQ6AwtyYB4jyczjMIjXnkfqNMEtrRba5lOxWSi5rkZrHJ-23g-ZDRq_RDw52QxqEmfwU9L3ZiK3Sg6SfZnU4iBdLAezAhYxt-X_1eWB3lfiOWkiwBr5gYcMM76IhK5fU0vyKHKI7OuwOuK3IFEaMiJ5msNRVAvkyZJn8DfSmY4Z5LFTJ0ha5Lyb_Sh5-L8Bm-ylZzlLMqmWUbjN40pP_4tOMayu2QZBOWMqhV3VuBC99P1ift2P5POIOvIYu2RnlAKkouGaUGnqpvZZR-eiQBsBCPj9X-LHvc3-ffxuepzbOSSlHiZK-XWch8_iSZBuJGS2rJNWNZ5StvJjM8WKdzBziebGyMEtw74ltLpeN3E7PLMOWz6kNO5KUGpjWkvszJr_eRmdCwn5epRivkz9c5fOdFHD73EyPGXW7eg-kA3QJQNLXP_etngyC0DRFn_R-PcjZOwQYTJAG09FfufsDiF8wTc7UzuJggQ6k31egQvWWjMMfVZFSF9j-jAwWJSQ_kAjVmOejzcssGnnwb_oKRYksG5Psd5CsP6V2ldrO7A68ZRP5SooeLHeFKv-_bGICPS__nP3oPv-Ur_KTAupslWgOPOgt2ibZhgg3Jkv60fPyOMCVzn0U-fMIOegihYl1fN5CP-rQ-CsLFPC-RAiInIFNnY4cFtan9H4_1dZn6T2VxXY4qG9XumFQuGOYqCO4BZjmfd6j45vOwZo9ujj0axo9jmCfB5aZhVIJCk-NOJHJPr7-CANV85Is-eZWpqCmBRCWJVDhZdVKeYe-eU6Wd-Mje9b6kRqQbUuqxPwYivTkmqVQxs3BucUMMeeDY46PT1_sNnr29kKDe1IZlDoVRr4gXDdaok_JCL&cid=CAASEuRoVPNCr1PfZEmbW-F1Kx9zSQ&rfl=2%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f13719c7f32f47fbb930cda3f0e8d46238693e82c97bfcea5779f2da06258ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 9A37 2 KB
1 KB 67ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:23:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A37 123 KB
38 KB 120ms
92ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 9A37 14 KB
6 KB 64ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 17106829078744545694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:22:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A37 42 B
63 B 63ms
62ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bgp2ISfpUafEZS6FQAW0y3T_J83klktMXddgrYp3FAstRaH9EPraBF2YaSWsRTYPUXqynjhTeyGNrhmiIWxRUx6jb7voTC2jGXzqFVwCKrkhpAAYc

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
335 B 22ms
21ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1643754314216&ns_c=UTF-8&c7=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&c8=Portal%20do%20Bitcoin%20-%20A%20nova%20economia%20e%20o%20futuro%20do%20dinheiro&c9=
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 9VAbh-Zm4vLMvMjNV7NRsIYeCzsCnIHFx-9Yd35bs891C2GWMkRvfA==
x-cache: Miss from cloudfront

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 129ms
37ms Script
application/x-javascript 2600:9000:223c:1a00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: jsuol.com.br
URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=portaldobitcoin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1a00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:31:24 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 02:25:43 GMT
server: nginx
age: 6830
etag: W/"61e0df27-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: xRBvyRiLH1Zh_6QNEo8uFKpicp5wcFgU6JzUL2gaZ3S79JVnyqjZrA==
expires: Tue, 01 Feb 2022 22:31:24 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 135ms
43ms Script
application/x-javascript 2600:9000:223c:1a00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: jsuol.com.br
URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=portaldobitcoin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1a00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:49:36 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 06:48:38 GMT
server: nginx
age: 5738
etag: W/"61f391c6-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: YAqzv58w_SEtOjPe8YTE9Px77mWIoK9H8GQdB0ain90eagsl36QYGA==
expires: Tue, 01 Feb 2022 22:49:36 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPU4XUeclYDG5yVGMeoU8ys&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPU4XUeclYDG5yVGMeoU8ys&google_cver=1&C=1

43 B
1014 B

60ms
60ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPU4XUeclYDG5yVGMeoU8ys&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNW8EL6XwKE2wVXdPUKPDuQ_Jg-5TGyu3n3E85KXz_63yeDIZDpe_lIWs_tSV-_1JHG1Cej1PTWEZ-q-IqFge_C326kwjlyCuORlz8jmBuhQLkCKFXeRx5n3XEDjsJMkMeMSjloX6wPcYdZJ1Ox7K2PkIsrmPQW_fXj7FvDrDhMCcF4sxgY
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 22:25:14 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPU4XUeclYDG5yVGMeoU8ys&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B63
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfmzSiY0SBAHURrTHgGyjgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1

43 B
894 B

86ms
85ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNW8EL6XwKE2wVXdPUKPDuQ_Jg-5TGyu3n3E85KXz_63yeDIZDpe_lIWs_tSV-_1JHG1Cej1PTWEZ-q-IqFge_C326kwjlyCuORlz8jmBuhQLkCKFXeRx5n3XEDjsJMkMeMSjloX6wPcYdZJ1Ox7K2PkIsrmPQW_fXj7FvDrDhMCcF4sxgY
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 22:25:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4B63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFppjpB--FNVG6y8otAZENg&google_cver=1

43 B
1003 B

42ms
42ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFppjpB--FNVG6y8otAZENg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNW8EL6XwKE2wVXdPUKPDuQ_Jg-5TGyu3n3E85KXz_63yeDIZDpe_lIWs_tSV-_1JHG1Cej1PTWEZ-q-IqFge_C326kwjlyCuORlz8jmBuhQLkCKFXeRx5n3XEDjsJMkMeMSjloX6wPcYdZJ1Ox7K2PkIsrmPQW_fXj7FvDrDhMCcF4sxgY

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ad952ed4-a2be-459b-9fe6-e4be25ac0817
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFppjpB--FNVG6y8otAZENg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B63
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3dd56bf8-236e-442d-b79a-8e1115073c0a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97689914-231&cid=289430633.1643754313&jid=106193808&_u=6GDAAUABAAAAAC~&z=1681709902

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 88ms
43ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97689914-231&cid=289430633.1643754313&jid=106193808&_u=6GDAAUABAAAAAC~&z=1681709902

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9A37 106 KB
38 KB 103ms
30ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Origin: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 10:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 10:21:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/ Frame 9A37 8 KB
3 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpPQNQIbX1yCLvxZK5scEmi0G3qdcTaUlXM3_sowOuKtoRxW7hz5zrtDhejgNsTkuDJ_-xZbDDx0XLJ5oyIxrt6W3hFcbyE5BkDSby8iVbgbgNz3OCQRReM90TNPZ2CJvOpEsg0NJuyQwCwfkDm5fVZxYrYw&dbm_d=AKAmf-Cfxkg8ZOF8eUJDp8e__y-ptxN67PRfu3mmEk-k4roJgKvHGmS6dxsUCC85hd9iRbUlHW2Qh8m-oSw4WHlaqLGNqDtfq_l_xt4G_vMYDgEcTFkc1qlG9ruXQ6OB8-nLG-4LDBsioY0MncWN-6ad9iWWv3RQY1G3-jBn3slPTh8z-eUPJ4CTHsC4HiEiN5qpMwkh8qzURTSA8yG6ZvBBKjfhrktCLL3viJ4y0A254bNsmETa38__WB_DkA_W3k1CYa71YxbUGAOSRE7B_JukY-v92C2GIhrBwAvCcftKiTcmb516UHUjjJXJkutYX3SUUoIcdgfIZMElG54cd7530fq5WzmkN3KdwLv2sfWK1_zTlNzbya-DG6IFB4G5fG7DlBnRHiEO-Xq4n5-W7w-8ncNI2bmxM3-09L_79HwSi5AH-cnZB2JTM9lpMiXaFp5LzkdiZnzpEuomQgB3y5OxTnfSnjvX_qM_JXJUHCrQVNt6BzqSOr8z9toiP39SBXuM9p2OUvDkLq6yPDkWUY1MrhUKA6nJDJCJ-l7EDRGITBUXsh3ZlY3igYhQzZXot4YF6BdWBqAxhqQTMDNjgBCoYUmv0RwNHKquWTU-A4hgBz_OfLdkmQZyRUYAlhVGLJ4-lkTmOPMeBRurIQS0u0Z0UyhfteG5BslCXyGwn2cefdKjIZzRXNb7HpZgoOBoY8j8ISfDn4Z7g722OuRWfeC8_3lZVHAWAZpv9IMvC8EEIWULgVbEcz5lo8nfinMpnO0UsGSqp02d1VDqkuMxW8M8gM4sr1gtK2X5S9CI5oBqBTf4IIwMhEQXwzK2KNGyF7QyU2ppagqulHFBhNN-cwxKpZnQYa-EoLazhYnLbSTZQpKQ9sejRtTUkYYARA40crOooklTBXBwD2smYFLI4EKE3cDJvbZUw5HKb1Es4zZrduDuoNHGpCeSQrVBQVcDYSrGB5juwgOzaMItwdaTvdn6OwSXwNz0DRg0Ok3boFvYxDtICBZWFIgsCuT5-Bm0Yil7h4AGm2mds4wu2pEw_lpMIR016eecw9fa_VM03Qj3TAq3jeN064HVpT_RU4d79C5bNgYk-Ts2AvbhAHwawZoHXTTP-Z8HnOFuXhUFzLgAvAq_00_dWlok8s66Mau2ZwXwoaJNx4VKeWtOElOquRmSDkeNJ2l5F7RVjLDf6vsEgl_oKFQvzjdIExZ_ciUwCPkkneJFDzPhpSm8kGevP6DGVy8JatSooVdPTXpTWK0qEKliOQTYEqcGC0avq0OGXQBcj9FDLaNMvSQUNvWPvFD1o1HyA2L67CxMGTHl13Aq5FHYc2quBjjr-k9jd60hFcoEQzZcnjVJYR5iF8AngtW-puKU_BVqvsl1geyctXmz7lpc61n-yuxgm6-RJuWxqWbY4iCSLhWbRARbZaW2tOgcVtyBGsBRgWY6BofanuvRGk3BEY1NB6t8qK0B2Vyr93VGvL8otbHiWJUYq86MDFNYIhSiehM824bQb2Jck3YT6AoyTlYuvmb4L-9lkC5mqE7eqW93DvJ7kdrrNF0BYnLUHfnDEDuzgXBYpxf8Kt7Rt6QvWVBLftVumpLxXzx93QKjsafoUu3SjKqSDU5lW0GwIPjzIYep4QFXsoTTzKZPwnWCwshIeABl09_TVCy029rojO9U3b58jGqvE8IGhSlUr9LEhodYOCdBUa1Ly_jzDKRV6YwzsALA--lchGjdWdypLQ4JAwcRU0fUR6ugO8iSu4Zza49vhul9VQUrTEML8PIyA_-PKykW4QxlOMTYECfQTFTnN419nL2V26wT5_53-sJQmR3DG-A8m6gXXfUJa8p8mXy8yho2HFn7o_nEyvGByyPv8zJk6GNHISccBZ6WB_5eY7Mhc2htWBgXp5JGVRc4x4SCLM01zGp8gw8-X4SoTwBcnHnFZr44lD4jn_nmWKI_BIv6D51Bzd6PA3JZko2yP8gqNfAqXAMFE2YgLh6_qj85Mmr-TFyS17Moyzs8W2Z1RWSoX0_Qr5q0yCTgbfAqHhPXMnIB1bUAoZV0RVYnbL2JgQTuTr6YdCuC4a6Gu3_9__eNS42Svnrx-Rhhn8uHMwTty0NERPDUig2Js-kJKddfpJIaqvVjlMt_-KtNUwrU_TR1czdx_k0sC1OJLdGOW9ASeXsQ2tQmnl7HqtKal7Wp68LPWgg43r3Z9w2efvDP2aToYn0uzeyKsWOQ6AwtyYB4jyczjMIjXnkfqNMEtrRba5lOxWSi5rkZrHJ-23g-ZDRq_RDw52QxqEmfwU9L3ZiK3Sg6SfZnU4iBdLAezAhYxt-X_1eWB3lfiOWkiwBr5gYcMM76IhK5fU0vyKHKI7OuwOuK3IFEaMiJ5msNRVAvkyZJn8DfSmY4Z5LFTJ0ha5Lyb_Sh5-L8Bm-ylZzlLMqmWUbjN40pP_4tOMayu2QZBOWMqhV3VuBC99P1ift2P5POIOvIYu2RnlAKkouGaUGnqpvZZR-eiQBsBCPj9X-LHvc3-ffxuepzbOSSlHiZK-XWch8_iSZBuJGS2rJNWNZ5StvJjM8WKdzBziebGyMEtw74ltLpeN3E7PLMOWz6kNO5KUGpjWkvszJr_eRmdCwn5epRivkz9c5fOdFHD73EyPGXW7eg-kA3QJQNLXP_etngyC0DRFn_R-PcjZOwQYTJAG09FfufsDiF8wTc7UzuJggQ6k31egQvWWjMMfVZFSF9j-jAwWJSQ_kAjVmOejzcssGnnwb_oKRYksG5Psd5CsP6V2ldrO7A68ZRP5SooeLHeFKv-_bGICPS__nP3oPv-Ur_KTAupslWgOPOgt2ibZhgg3Jkv60fPyOMCVzn0U-fMIOegihYl1fN5CP-rQ-CsLFPC-RAiInIFNnY4cFtan9H4_1dZn6T2VxXY4qG9XumFQuGOYqCO4BZjmfd6j45vOwZo9ujj0axo9jmCfB5aZhVIJCk-NOJHJPr7-CANV85Is-eZWpqCmBRCWJVDhZdVKeYe-eU6Wd-Mje9b6kRqQbUuqxPwYivTkmqVQxs3BucUMMeeDY46PT1_sNnr29kKDe1IZlDoVRr4gXDdaok_JCL&cid=CAASEuRoVPNCr1PfZEmbW-F1Kx9zSQ&rfl=2%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:18:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 9A37 24 KB
9 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9488
x-xss-protection: 0
server: cafe
etag: 10429589367799073301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:24:39 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1739137194&t=event&ni=1&_s=2&dl=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Bitcoin%20-%20A%20nova%20economia%20e%20o%20futuro%20do%20dinheiro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=consent%20banner&ea=impressao&el=componente%20visualizado&_u=6GDAAUABAAAAAC~&jid=&gjid=&cid=289430633.1643754313&tid=UA-97689914-231&_gid=601692819.1643754313&cd1=Parceiros&cd2=Portal%20do%20Bitcoin&cd3=Portal%20do%20Bitcoin&cd11=normal&cd4=289430633.1643754313&cd66=1643754314324.mvm2rx0o&cd85=dd991084-5a0b-415f-930f-ee32a2c7e3bc&cd87=banner%20pendente&cd88=banner%20pendente&z=957957255

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 09:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45223
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A37 41 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F4B 1 KB
749 B 30ms
30ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 01 Feb 2022 05:53:44 GMT
expires: Wed, 02 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 59490
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 167 B
487 B 258ms
153ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=uol.com.br&domain=portaldobitcoin.uol.com.br&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f534e664d4e466f0c530d4dfbe4fc5803dc9473d7886848faa4d1fd392cda453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 133
x-served-by: cache-mxp6951-MXP
access-control-allow-origin: *
x-timer: S1643754314.481814,VS0,VE104
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 30 Jan 2022 22:25:14 GMT

GET
DATA 200
OK truncated
/ Frame 9A37 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d94df92f8f4fa03f69f6c0c743c7548b5dbb361a8277c44f4761d72f7c33325

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 459ms
170ms Image
image/gif 23.22.200.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=uol.com.br&p=%2F&u=CSB792Bbc4Q4CLXh9T&d=portaldobitcoin.uol.com.br&g=61085&g0=Total%20Parceiros%2CParceiro%20-%20Portal%20do%20Bitcoin&g1=portaldobitcoin&n=1&f=00001&c=0&x=0&m=0&y=4526&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3529&t=yeRO5BthhxDCBm9hZwfkTHD6J0n5&V=129&i=Portal%20do%20Bitcoin%20-%20A%20nova%20economia%20e%20o%20futuro%20do%20dinheiro&tz=0&sn=1&sv=DvgCEvDQnsrxiImTKCjZhr_OCpKf&sd=1&im=061b2ff3&_
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.200.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-200-199.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C64A 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 276800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5F4B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH_UYCPwimsGM4i7rODlxw4&google_cver=1&google_push=AYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH_UYCPwimsGM4i7rODlxw4&google_cver=1&google_push=AYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO...

43 B
441 B

246ms
233ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH_UYCPwimsGM4i7rODlxw4&google_cver=1&google_push=AYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6e9833cf96839a-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 664
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6e983209e0839a-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH_UYCPwimsGM4i7rODlxw4&google_cver=1&google_push=AYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL6x1T5jmznr6m6s0fS6YhJ7n02m2jUYU9lZOCyG4GxaO-Dnh8EiXJu-cHZYoURSGp1gza1eA99bxtpFP7_Y8mbmEYXPdO0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKd_dg7UJ5_U-20Pg5ye4zM&google_cver=1&google_push=AYg5qPKcU6LzFibOQw6O7j2tap5_VwNn-ZKxf7TLhj-owJPzVOolaegYQfv4sA2F3mOT6UrIdz7oc9KmsB2a1PWG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=04r_XOq0R3GJXYs2eOEnZQ2&google_push=AYg5qPKcU6LzFibOQw6O7j2tap5_VwNn-ZKxf7TLhj-owJPzVOolaegYQfv4sA2F3mOT6UrIdz7oc9KmsB2a1PWGtwUXGhdU-trT

170 B
188 B

60ms
60ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=04r_XOq0R3GJXYs2eOEnZQ2&google_push=AYg5qPKcU6LzFibOQw6O7j2tap5_VwNn-ZKxf7TLhj-owJPzVOolaegYQfv4sA2F3mOT6UrIdz7oc9KmsB2a1PWGtwUXGhdU-trT

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 22:25:14 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=04r_XOq0R3GJXYs2eOEnZQ2&google_push=AYg5qPKcU6LzFibOQw6O7j2tap5_VwNn-ZKxf7TLhj-owJPzVOolaegYQfv4sA2F3mOT6UrIdz7oc9KmsB2a1PWGtwUXGhdU-trT
x-host: tde-deliveryengine-production-655df8fcc8-c6btw
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMXdPFrN1-2FP6TmpQCsN1A&google_cver=1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMXdPFrN1-2FP6TmpQCsN1A&google_cver=1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOe...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoE...

170 B
188 B

85ms
84ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoETkH6sgLDkCUhs23MVthL

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPIjhTvt5EShk9NN38-K8IlPcPVD2a78cTA9opGASCqxo_eUC5vLIR6lPa2iqSaFnvPICOeBfmoETkH6sgLDkCUhs23MVthL
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UBkf9eqtTGOxbO6ah6tKtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

175ms
174ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UBkf9eqtTGOxbO6ah6tKtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL_q0N3qdF1ETdEsc_Y1pbh5Dt4wmHeswYetPw4kTguUdnUoegezTeMy3Ag9Q6E_ymvKcS6tD_8WXc6nQXPLsC7Lj6iJ9qg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UBkf9eqtTGOxbO6ah6tKtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL_q0N3qdF1ETdEsc_Y1pbh5Dt4wmHeswYetPw4kTguUdnUoegezTeMy3Ag9Q6E_ymvKcS6tD_8WXc6nQXPLsC7Lj6iJ9qg
date: Tue, 01 Feb 2022 22:25:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmR...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF_Gj0DfWWBUS8kc4hlYo6M&google_cver=1&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0Jigodvp...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF_Gj0DfWWBUS8kc4hlYo6M&google_cver=1&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0Jigodvp...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF_Gj0DfWWBUS8kc4hlYo6M&google_cver=1&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0Jigod...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkM2E5MjBhMy04M2FkLTExZWMtYjgxNy0wMjU4YTU0OTE2NTY%3D&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9...

170 B
188 B

87ms
87ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkM2E5MjBhMy04M2FkLTExZWMtYjgxNy0wMjU4YTU0OTE2NTY%3D&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9QLdPb5NSGKHs8WAe_WEvsznaE_ADpzyXGCig

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkM2E5MjBhMy04M2FkLTExZWMtYjgxNy0wMjU4YTU0OTE2NTY%3D&google_push=AYg5qPLkWTf6R2qFxRfoeY5jD5MvEc1ZF2DVcR7mlw6OQeoj0JigodvpNsvdQBR0M9QLdPb5NSGKHs8WAe_WEvsznaE_ADpzyXGCig
date: Tue, 01 Feb 2022 22:25:14 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENNSySSH0jNqDOLhotRiAaE&google_cver=1&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENNSySSH0jNqDOLhotRiAaE&google_cver=1&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdE...

170 B
188 B

84ms
83ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd3Eor3IFGuxj-vTJZ-6KZMPy5xH

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPI8Iy0t7NXLu1uQclrXGAa8MuzaLPpJNtB6ZSl89HB9WCTZacmdEaDaFuLgwDppXMVcsd3Eor3IFGuxj-vTJZ-6KZMPy5xH
date: Tue, 01 Feb 2022 22:25:14 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F4B 0
12 B 91ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3JD4vnb_LZO7gSamI0Nsa9X534MSNjn1b4MOvJ3jZPxrOox3patxdUXOHZIYoNUEvqURgzhk

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 71 KB
22 KB 85ms
42ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af14eb5abf9650deec9b50f619bd457a8bf949953bcf5d1b93ece38828c8570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 22868
date: Fri, 28 Jan 2022 12:37:27 GMT
expires: Sat, 28 Jan 2023 12:37:27 GMT
cache-control: public, max-age=31536000
age: 380867
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A37 0
571 B 185ms
87ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCMUyiVqbU07PYhezJEm5e9CHOy9wsxahn6QdxCE801zloNBpP4LIWmsiSRYVhlgYQ9FlTuXDopg0X0NO7G9BtB_xL6M27k_CfKepfIZkq2Bmgj5viEUMyJXw9iYR9xjRaanqaROoHncWnf1bK5iCFCERztcCsjp1oWFh4409cbD6mhK2kdeWV6BST4VLsNk6jS0qSIrUlwoWbDbQPGL6UcbD_Lvrjgp4U7ITI5WdXXYhcuKS0E7k7IxREiiMOaDr2iqOs3ZwyosYh4WM6DLDpbjrrig1_snY6cM2qyHhgGW779RAhb_wIEfH7FWKha5FYeMPlDIHnQjVXoXtinMmEXn_2PzO5OQgiOj018_Z8ToPq7dosg-zOJhf4E9H0jbvbaZ_-lGIXUTVfUPHo4Ae4-IUiPAXWcD0XJ1MGjF2rGbhNRUZulfz1mdXj0E0nZj5F9I22EVkljjes0BhdrTfcypGXH73fXJV72rBCJAcBPYvV6hHnBEYmFZsvJ0x3fNrtDnjCsLAb3QjcX413GuSwdr5XsgPJdFi4eEPxM1qwGXSl4i1pGtDUJk5wAqZ5J1dK7ZiWQ8LRnIETFx0o6IRmSILLDODdYF979J9a8RpMXU9TApbDni3Db2TkCGFblMXXkGdZhO_a-UMSL-hXCXlI1Jb_5SRZ9iAv04uwGOAcCch96iOs3dglsCs_uV4DH3-ZFRrcD3wjbN2u0n1jmDhlFiFoHxqXS2AxqvWUp-7mYzzukAoVLIy2d3vHRfM7HuZV56Y3IlPeS0-U_vX4ZViwEFej4T4Uf45lChygk-VNZKti1UMNmqt5fEFh6SbecRlOHNIVMB47o-n3rcQ47t3CSV2ceWeGi-w8kdn2sTmgEquGdwWOIorg6lSB2oH1tFxHsPkz4YQaeSLafyvOOMcoKUO1ZNVBvKwLaSpxrusPPMe_qs3rN7FQ5l75vY1EL4PDQ14xCpyrEl6QCSvNuWuQed7fehqtXoP2FY3Wj4xTwNZnzFnnNGWcB7au4DPbejhU0Zz8fyzLZJ5Ot6qOpG2Mz0lx8AFFrpGIZ6Qvc3cdbfZubaIPFJP5nFfJTSXH7hvQWNvdGA-WT5hg-VVllu69jSl2zah-w7zAGVfnYeIruN1qcM_uT-EmbIat9fssfDYRKFF5AoWjjgT6TpHdiYAgOnHvUcInQGQS13C025s6YkvsvjKZeZ1E3E1ocKcbPYppBNDGlTjZgaJBw17uXsk7WrebdV-HUnjmLJQS9c5rGfLbVtLOSnEkaru9UJ8&sai=AMfl-YSHoke253GZObi6k7Nmrh2KZZb-PBvB2FbNdSNKbHpPJyGg5WPyf5TtOWAaLJx9iEoK077zaigri_nVymttNEEtq0ZAtd6A_e1blGEaO34InoVx5AFLxuzBHPU-aA2ODbr19Try1L5LFMqbgFWPlOXTTWyERxsp_5XsMBbrc9sWb6_QD2UUw3k&sig=Cg0ArKJSzLVFHkjspNn-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=153&cisv=r20220131.79311&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 01 Feb 2022 22:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7BF0 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 22:25:13 GMT
expires: Wed, 01 Feb 2023 22:25:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame C64A 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 20:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 353066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 20:20:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CF7B 9 KB
877 B 118ms
69ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1633685103

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6823285eb46b5b3f5c60cedb96d66a4d18bdc335096705d9f9c72aa681ddab5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 21:11:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 22:25:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CF7B 57 KB
23 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 760E 624 B
297 B 55ms
54ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNVy7T_RqPVpn6XWmLTPPlc8Q7bMoXIA5e25y9BXid2GCNYU6DxUfSVcxnjkZb-6bnlobwAB0BTBbqEwMGGxmoZvsi1qxBYuHvkYNsd0_uMuipCkRjDZ2AE72T1u0aoprkBPRG5aMGOxfFzKFSX_X_QcyqzjIhNXHYvQpC0TpFXV-jv8iNw

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 22:25:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7BF0 80 KB
32 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeSm7d9aD4f7H-zErXapyORjqUinmkxnW1Y4FzxHXlkGsI_XYBiGbhmRC5GyZdtn4SrRtHYu86Wb_ekKq8PyPOmwZyJAQuN9H15acSy9kscX8gtyb9POn5-RNeacbya_Q5MMqeiIoYAZjgbl8UQAKh-eemeg&dbm_d=AKAmf-DT4CGRsME52wxI_EcrJqO179CXsah1DLVtMsDIh5j5H9VvzECrEevcC2OaZr2wvCKfanRlobl7bEIqouwISAmT-9L-5b1aT-rocDLH0OIer_8YDTw-GjvbuXZT_IYJ9wpOVM8WlAjngbsdsJMSbXYQzUxo3Ast1ODnmihutmYvEr6qfrniVp3nV-p2aYeKd7hLWogsF7qwFxCGISmJ3qd0ppPa5V_EhfCQDwZ7nMGS8CmuLzolTcyw0uFRWWb5a1EtLhxMiYYTEdt9_ws2Vi6uTHVjubGed7PLNegiXlEYgbt6uwHl8XwIfGzer6fgC7CdlKf7zKmq44v1ihSI9QmGXtkxtw0iYHb7L-34AFUWVxi5Yrqzb9_B0lch8cMUX9msZsqvcw0i17cT1UKcJfk3obZtrLcHpnEztFmW0seE7cG3TC1BpCnYSNiVFc-N9HDN2B5s3IsW7NckbES9TYFOghStzzDYSFdBlOZjW_RftGcTFe0ZDevZRC2eZ9D4KVQgFQ3GS6CjbgJXR9yAhiKg06xrF0rFfpG3baqxy853tG3s5QUONfHgmrEwrNhl9Wova7i613yfoxvLQ-nf8LRp-xts3Xdd2JpyF2Z34cJ2B-HwWBMcog60A_qSXaUSCGtKF8eUi4sUTVjegNpWnpccQvf1bgrUuUGaKYmgCZ4Nn-A8Q2WWmOS0bPrm7osuMsO0hjirGKFGHKwzm-A0bBABEau1vhfuqKdXjM0SlzBJ9c-_bS6A4wkKlmEVXOJGZLJk0Pd5qgl3-wYXRtCOO_-KNBCbjG7vgm7FEWO7kWO6b2LfNsXkGcnF9yB0nwfs7PGpa1UALhjySrNXVdPNqqCEcqcM7jwZbEHMMXXQACKQEtiGHdTQNmxDRhzicQQoAZCfudLDXtiGljbvmItHr7JIx1A_tkdFEmTx2AZ0O6HmVYipGw2C11t19B3AF9HLvswoEoW8B-ZQCCR0TT88pP8WmzUmH9hpCOU8lusYE7X9_QkKR13aQowXljmqi11W7tNq78qvOQc9O1sz63MBEbYQRyZtVAnnPh3S2Xo-9OyUWZo22Ig5tGn7YjesV8cHmMrboCNajmbxQUJxWBCx9IrqRzwYk6ar72KGuHVOVC3J4yQqRSLrzc2fhhl8cw2lUdgmien9nYLZX_Rea6s3ThURPYAil1v8kIfUxCulsOMYpwV0rhi6MSTCJAyh4MsCKFyzLg803yx_UuIsEiBsmmISvjNtXCPwgDRm98eYlnF2m3JaTUin_gVjYzTX2Gv4z8sXCTZ5xwp99Xldfs3v250fkZM7c5sAjWLWXYMyDcvXnJGVllvyopG-1v8TnSdgMA6JQZbVETUaudFK7x0L_j1qmHISEOnC380aAR1JoAGZRwRBlpK7gLXbF3jiNHOFm5K0FJ0etG44cxH51gEqEZAuD47a-C3cwIt-AbqaOKAEhSx6zbEASswkFvLAE-hJvkhcIXUo4W5kXOY_2oc7WvywTssznbLpFxMumeMHXnJ0YnCWUOhbMPQ2YQs6rlwgN1dKaY5LyAL9rOhTG9lSx5uwQX-1T_6_Nzi4sVSm7zjU4DNjlopxnUEmOET6RzSlY9Dv1zIaR3DuVW-mvhQ3PG566EnJtHkybtFDJ-mU1YNGWglnjrwi0vghkFWsRRAJD4JAmbZ99-z4w7hA4XX1R_ZghVZrOZwVHlQeDaWschc54yioKQyAYfP0SdhYRbFuWDdmEIr8VolZJuGCpXyBALjfWhvxiKSJkildupNGHU2ayTNij_OgECNhc2ncnt0N4xNImCUYvsuPeR2OCKZi7QDicRlqHBBFB4l9LSQGUH5-LB8eEr71Rqgzr6VvYpGD4ydlTJJOp1O_UkLmHmWt7hIlVPgEkUaZKqNihMd1o7uYiWB3m4V81R7ssNp2QcpC5nhPGcBBtYqPOayKoTdqZGOKOCyjkNct1i9-ub-VdHiFYYFcMls4OPwkSQHjoatac-qar75afJF3ak60Ovr6Mkr8-j0UeMHG4bb7xombv87r7HTa8W_Tp8KHs4d1--e3CsHtF79M5kBn0T-jPx1UlZ8uxROwVwmYMy5SOmG2sLyxeZT-1yXA-4DkvVvw5Cd1w_aINXmNmLeH4a4F5wzmYWkjneu4Eb58xqaifS61QqElJ8aiJmQvaCfJkJUWDKjjsMG5Y5CcMN_r6-_iW_u9-f0UJNiDFsN45VAs3o82Lr6CUh19S6i_P5WS-uxuFoVLxIVJZJOnKe884924GSOKSaH4bNUQ47Y-bqfkulLWveaGtmvtjERyIMlpsssXZzKGSF3ryX0hWrLUNCzelMRATPNmBKi7MpXXk65H0nW9wJPyZjmEAh-pEg8KetnMa_b9ZJMQZsczyA3XvXzzk0cs9Zk1_Op5bNdAurvXTencHFCanGedXyY_BAqbMkzTPX9IubGxztVCBV4qSeJruLfVTyBUScPhr1FvvuuitqgXWP4DekpWsepMwQv4r_sMiDfjEFrWGHAsEyG48XXt3tWMZtjucIbsReHyF3VT_vl19WJBe0wTJ_8uslwrjwxu4H8M1hw9us69jnbxH9f-59gZuS0EiB6HeZBuA7zrr5OaRSbqIo-S09DFTGYVVPpR7CFFUchLZUSHzoT3Qu6fQB6J88CgHHdaaoVRkFkjBWimECUoZJANnfMSGV8xCdpvEUEk7OZ-nhcME-gwtX6WG9f2NipJbd3_Qn93ruTibVQBm9yysBH8zJrIfMsU3at0sY4y5Wn1tsKFlrUi82ok1eKr2Xqx27DVW7sMlsSOaPWPllYBD9t1RtO_EGGGgESQUQD0TxV8AR_aV4U91t7VPv7jbEBqDg1oNYjBxGjs4XhrvV6Ym6QTdHxYvtl1eqR5-LMN-qauLqvJ6NELelFmecjBw13RjvRQcv2uMzfdjP86HmVEJNJtmsgbhfykBQUadgmE1IFoz0Sv2Q4R6JM7--OYP32GHhii5bKoAuCCtFuAj-TzCufetcIVu5haCuX7Mxbf_cO2xLhBpwct5uX0wS3_bJGEAf6F41__sbGYAD2ggPjpIOLuCVuu_OLntqh7LOSwpyzMhfyN&cid=CAASEuRoSXv6D12CxRbsm6YeqBraeQ&rfl=1%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bde8ee7a5dafcd582aac127e0b48ffc72447e257e2752d49a2705afde999a576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BF0 42 B
63 B 80ms
80ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4jMu0Z6GtkKH9Cf1M1Y0TCXamHL0jMU_R7sYA0BUFLSnoMD8v4cLCtVVYXchKzradKEB401P8Wwzx2tL4cTakFHGyqBocb22Xdk3M58K_wJTZeEU

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 7BF0 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:23:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BF0 123 KB
38 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 7BF0 14 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 17106829078744545694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:22:33 GMT

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame C79C 6 KB
6 KB 387ms
188ms Document
text/html 18.66.97.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-94.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

content-type: text/html
content-length: 5980
server: Apache-Coyote/1.1
cache-control: public, max-age=1666800
x-dynad-assets: v2.421 Thessaloniki
expires: Sat, 05 Feb 2022 00:48:29 GMT
pragma: cache
last-modified: Sun, 16 Jan 2022 17:48:29 GMT
date: Sun, 16 Jan 2022 17:48:29 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 463.000h
x-varnish: 923299588 846835750
via: 1.1 varnish-v4, 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: UlI1J2Todg4Npw3RgmYf24SO11cEuFgy-KbAS2HAcZV3qQNxUvj3fQ==
age: 1399005

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame C43F 53 KB
54 KB 399ms
201ms Document
text/html 18.66.97.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-94.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

content-type: text/html
content-length: 54425
server: Apache-Coyote/1.1
cache-control: public, max-age=709200
x-dynad-assets: v2.421 Thessaloniki
expires: Sun, 06 Feb 2022 05:33:11 GMT
pragma: cache
last-modified: Sat, 29 Jan 2022 00:33:11 GMT
date: Sat, 29 Jan 2022 00:33:11 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 197.000h
x-varnish: 1055095306 1020079288
via: 1.1 varnish-v4, 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: raAh9eXFdRGS_Jxp7AbEZFEvnfkwUYFs5HEwM7LL4dOMzKmb-XryHQ==
age: 337923

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 760E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1

43 B
894 B

96ms
96ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNVy7T_RqPVpn6XWmLTPPlc8Q7bMoXIA5e25y9BXid2GCNYU6DxUfSVcxnjkZb-6bnlobwAB0BTBbqEwMGGxmoZvsi1qxBYuHvkYNsd0_uMuipCkRjDZ2AE72T1u0aoprkBPRG5aMGOxfFzKFSX_X_QcyqzjIhNXHYvQpC0TpFXV-jv8iNw
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 22:25:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 760E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfmzSnCf48JsP5.p9M3WQAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1&google_hm=2

43 B
894 B

96ms
95ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNVy7T_RqPVpn6XWmLTPPlc8Q7bMoXIA5e25y9BXid2GCNYU6DxUfSVcxnjkZb-6bnlobwAB0BTBbqEwMGGxmoZvsi1qxBYuHvkYNsd0_uMuipCkRjDZ2AE72T1u0aoprkBPRG5aMGOxfFzKFSX_X_QcyqzjIhNXHYvQpC0TpFXV-jv8iNw
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 22:25:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_VJlx1Z3eCOn3iPpn8ZpQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 760E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJTjXMtVGrmqyhaKEkRabP8&google_cver=1

43 B
1003 B

110ms
110ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJTjXMtVGrmqyhaKEkRabP8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNVy7T_RqPVpn6XWmLTPPlc8Q7bMoXIA5e25y9BXid2GCNYU6DxUfSVcxnjkZb-6bnlobwAB0BTBbqEwMGGxmoZvsi1qxBYuHvkYNsd0_uMuipCkRjDZ2AE72T1u0aoprkBPRG5aMGOxfFzKFSX_X_QcyqzjIhNXHYvQpC0TpFXV-jv8iNw

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d0f7cd33-39ad-422a-82a2-61bbff276dc7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJTjXMtVGrmqyhaKEkRabP8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 760E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

170 B
188 B

61ms
61ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: de2bad49-e528-4667-bc4f-f4555671b7e2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 7BF0 169 KB
59 KB 153ms
74ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Origin: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 15:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 15:21:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/ Frame 7BF0 8 KB
3 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeSm7d9aD4f7H-zErXapyORjqUinmkxnW1Y4FzxHXlkGsI_XYBiGbhmRC5GyZdtn4SrRtHYu86Wb_ekKq8PyPOmwZyJAQuN9H15acSy9kscX8gtyb9POn5-RNeacbya_Q5MMqeiIoYAZjgbl8UQAKh-eemeg&dbm_d=AKAmf-DT4CGRsME52wxI_EcrJqO179CXsah1DLVtMsDIh5j5H9VvzECrEevcC2OaZr2wvCKfanRlobl7bEIqouwISAmT-9L-5b1aT-rocDLH0OIer_8YDTw-GjvbuXZT_IYJ9wpOVM8WlAjngbsdsJMSbXYQzUxo3Ast1ODnmihutmYvEr6qfrniVp3nV-p2aYeKd7hLWogsF7qwFxCGISmJ3qd0ppPa5V_EhfCQDwZ7nMGS8CmuLzolTcyw0uFRWWb5a1EtLhxMiYYTEdt9_ws2Vi6uTHVjubGed7PLNegiXlEYgbt6uwHl8XwIfGzer6fgC7CdlKf7zKmq44v1ihSI9QmGXtkxtw0iYHb7L-34AFUWVxi5Yrqzb9_B0lch8cMUX9msZsqvcw0i17cT1UKcJfk3obZtrLcHpnEztFmW0seE7cG3TC1BpCnYSNiVFc-N9HDN2B5s3IsW7NckbES9TYFOghStzzDYSFdBlOZjW_RftGcTFe0ZDevZRC2eZ9D4KVQgFQ3GS6CjbgJXR9yAhiKg06xrF0rFfpG3baqxy853tG3s5QUONfHgmrEwrNhl9Wova7i613yfoxvLQ-nf8LRp-xts3Xdd2JpyF2Z34cJ2B-HwWBMcog60A_qSXaUSCGtKF8eUi4sUTVjegNpWnpccQvf1bgrUuUGaKYmgCZ4Nn-A8Q2WWmOS0bPrm7osuMsO0hjirGKFGHKwzm-A0bBABEau1vhfuqKdXjM0SlzBJ9c-_bS6A4wkKlmEVXOJGZLJk0Pd5qgl3-wYXRtCOO_-KNBCbjG7vgm7FEWO7kWO6b2LfNsXkGcnF9yB0nwfs7PGpa1UALhjySrNXVdPNqqCEcqcM7jwZbEHMMXXQACKQEtiGHdTQNmxDRhzicQQoAZCfudLDXtiGljbvmItHr7JIx1A_tkdFEmTx2AZ0O6HmVYipGw2C11t19B3AF9HLvswoEoW8B-ZQCCR0TT88pP8WmzUmH9hpCOU8lusYE7X9_QkKR13aQowXljmqi11W7tNq78qvOQc9O1sz63MBEbYQRyZtVAnnPh3S2Xo-9OyUWZo22Ig5tGn7YjesV8cHmMrboCNajmbxQUJxWBCx9IrqRzwYk6ar72KGuHVOVC3J4yQqRSLrzc2fhhl8cw2lUdgmien9nYLZX_Rea6s3ThURPYAil1v8kIfUxCulsOMYpwV0rhi6MSTCJAyh4MsCKFyzLg803yx_UuIsEiBsmmISvjNtXCPwgDRm98eYlnF2m3JaTUin_gVjYzTX2Gv4z8sXCTZ5xwp99Xldfs3v250fkZM7c5sAjWLWXYMyDcvXnJGVllvyopG-1v8TnSdgMA6JQZbVETUaudFK7x0L_j1qmHISEOnC380aAR1JoAGZRwRBlpK7gLXbF3jiNHOFm5K0FJ0etG44cxH51gEqEZAuD47a-C3cwIt-AbqaOKAEhSx6zbEASswkFvLAE-hJvkhcIXUo4W5kXOY_2oc7WvywTssznbLpFxMumeMHXnJ0YnCWUOhbMPQ2YQs6rlwgN1dKaY5LyAL9rOhTG9lSx5uwQX-1T_6_Nzi4sVSm7zjU4DNjlopxnUEmOET6RzSlY9Dv1zIaR3DuVW-mvhQ3PG566EnJtHkybtFDJ-mU1YNGWglnjrwi0vghkFWsRRAJD4JAmbZ99-z4w7hA4XX1R_ZghVZrOZwVHlQeDaWschc54yioKQyAYfP0SdhYRbFuWDdmEIr8VolZJuGCpXyBALjfWhvxiKSJkildupNGHU2ayTNij_OgECNhc2ncnt0N4xNImCUYvsuPeR2OCKZi7QDicRlqHBBFB4l9LSQGUH5-LB8eEr71Rqgzr6VvYpGD4ydlTJJOp1O_UkLmHmWt7hIlVPgEkUaZKqNihMd1o7uYiWB3m4V81R7ssNp2QcpC5nhPGcBBtYqPOayKoTdqZGOKOCyjkNct1i9-ub-VdHiFYYFcMls4OPwkSQHjoatac-qar75afJF3ak60Ovr6Mkr8-j0UeMHG4bb7xombv87r7HTa8W_Tp8KHs4d1--e3CsHtF79M5kBn0T-jPx1UlZ8uxROwVwmYMy5SOmG2sLyxeZT-1yXA-4DkvVvw5Cd1w_aINXmNmLeH4a4F5wzmYWkjneu4Eb58xqaifS61QqElJ8aiJmQvaCfJkJUWDKjjsMG5Y5CcMN_r6-_iW_u9-f0UJNiDFsN45VAs3o82Lr6CUh19S6i_P5WS-uxuFoVLxIVJZJOnKe884924GSOKSaH4bNUQ47Y-bqfkulLWveaGtmvtjERyIMlpsssXZzKGSF3ryX0hWrLUNCzelMRATPNmBKi7MpXXk65H0nW9wJPyZjmEAh-pEg8KetnMa_b9ZJMQZsczyA3XvXzzk0cs9Zk1_Op5bNdAurvXTencHFCanGedXyY_BAqbMkzTPX9IubGxztVCBV4qSeJruLfVTyBUScPhr1FvvuuitqgXWP4DekpWsepMwQv4r_sMiDfjEFrWGHAsEyG48XXt3tWMZtjucIbsReHyF3VT_vl19WJBe0wTJ_8uslwrjwxu4H8M1hw9us69jnbxH9f-59gZuS0EiB6HeZBuA7zrr5OaRSbqIo-S09DFTGYVVPpR7CFFUchLZUSHzoT3Qu6fQB6J88CgHHdaaoVRkFkjBWimECUoZJANnfMSGV8xCdpvEUEk7OZ-nhcME-gwtX6WG9f2NipJbd3_Qn93ruTibVQBm9yysBH8zJrIfMsU3at0sY4y5Wn1tsKFlrUi82ok1eKr2Xqx27DVW7sMlsSOaPWPllYBD9t1RtO_EGGGgESQUQD0TxV8AR_aV4U91t7VPv7jbEBqDg1oNYjBxGjs4XhrvV6Ym6QTdHxYvtl1eqR5-LMN-qauLqvJ6NELelFmecjBw13RjvRQcv2uMzfdjP86HmVEJNJtmsgbhfykBQUadgmE1IFoz0Sv2Q4R6JM7--OYP32GHhii5bKoAuCCtFuAj-TzCufetcIVu5haCuX7Mxbf_cO2xLhBpwct5uX0wS3_bJGEAf6F41__sbGYAD2ggPjpIOLuCVuu_OLntqh7LOSwpyzMhfyN&cid=CAASEuRoSXv6D12CxRbsm6YeqBraeQ&rfl=1%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:18:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 7BF0 24 KB
9 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9488
x-xss-protection: 0
server: cafe
etag: 10429589367799073301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:24:39 GMT

GET
H3 200 033093dcc4b3d9a0c55a82b319857cfd.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 179 B
206 B 76ms
76ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/033093dcc4b3d9a0c55a82b319857cfd.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff52e77e92ebac2ac40d34ba22d46a973f17759427f09c374b55e1e1c0bc954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 692194b914be16ba4c7fd50d2b359f83.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 885 B
912 B 76ms
76ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/692194b914be16ba4c7fd50d2b359f83.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b89cf78a666983a961940e155386b7cbe0f104ded9139a509af316ad266db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 10e982c1815a0c9712c95545b6600a82.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 8 KB
8 KB 76ms
76ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/10e982c1815a0c9712c95545b6600a82.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8626
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 b31daec66bf9c28d5af80e2cd85919ed.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 1 KB
1 KB 159ms
158ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/b31daec66bf9c28d5af80e2cd85919ed.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a3495f9b6eecc87d4806359ca818194adf6784c4b1b01c9b27db703aa841468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 58fe4b78cb6b42ef35ee398d2881310d.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 1 KB
1 KB 158ms
156ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/58fe4b78cb6b42ef35ee398d2881310d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

474f7459231bfb540c70dc42c04766bddc36c1b395846cce58b235940f5149bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 ea2163a39c26832a03955dda2534136f.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 928 B
955 B 158ms
156ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/ea2163a39c26832a03955dda2534136f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478e9400d4daee656ea306f2d9e1a52e8b79ec2dce734a69104cbc12238afb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 928
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 e76bd597b3e8332d58dc89419a171712.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 1 KB
1 KB 158ms
156ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/e76bd597b3e8332d58dc89419a171712.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b721ad5a520ac92408e22a65991fb6d2e6d4fe6c4b443b3f65b778a4726c01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1214
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 edb98e31112d7711f649d874fa55090b.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 1 KB
1 KB 155ms
153ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/edb98e31112d7711f649d874fa55090b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9a420d5ee2aac604f4a89e935a225d1bb2ea94837bd96bd84b9186dfbae792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:12 GMT
x-content-type-options: nosniff
age: 381302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:12 GMT

GET
H3 200 cc2bae30a41b48352ac924f8361504de.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 939 B
966 B 156ms
155ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/cc2bae30a41b48352ac924f8361504de.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d0c7386619ee9332d28a857852f6a36124d7ec75f10fef15d317535242c9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:13 GMT
x-content-type-options: nosniff
age: 381301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 939
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:13 GMT

GET
H3 200 f3614bfe3d07f9b34b40e9f01e912872.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 1 KB
1 KB 155ms
154ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/f3614bfe3d07f9b34b40e9f01e912872.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83d56754fb658ec50906e682d45d01ec010e2f77d7da69fcc56a85ab276de39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:13 GMT
x-content-type-options: nosniff
age: 381301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1142
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:13 GMT

GET
H3 200 2a555557340424898f7432d2a66b6e73.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 8 KB
8 KB 174ms
171ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/2a555557340424898f7432d2a66b6e73.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:13 GMT
x-content-type-options: nosniff
age: 381301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8626
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:13 GMT

GET
H3 200 8df1182e995d56db8bfc176f6fafb93c.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 1 KB
2 KB 172ms
169ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/8df1182e995d56db8bfc176f6fafb93c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3871c5dc9d47fd4a3376b505550129eed1ef2bfc201b9b87fb374aed7737d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:13 GMT
x-content-type-options: nosniff
age: 381301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1518
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:13 GMT

GET
H3 200 954cc831109841d5ba669ba18aade087.png
s0.2mdn.net/sadbundle/17958001102165811819/ Frame CF7B 8 KB
8 KB 179ms
177ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17958001102165811819/954cc831109841d5ba669ba18aade087.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:30:13 GMT
x-content-type-options: nosniff
age: 381301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8626
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 10:02:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 12:30:13 GMT

GET
DATA 200
OK truncated
/ Frame CF7B 12 KB
12 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e645aa1499532236c890f328050813c6ae0129adec27552918a58e0a62b12f57

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CF7B 10 KB
10 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d9c73df8620d65afdfae662bb0ccb6732673273a25727e1b8d5690dfa060cd3

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ Frame CF7B 16 KB
16 KB 165ms
81ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1633685103

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:31:29 GMT
x-content-type-options: nosniff
age: 528825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16168
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:31:29 GMT

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ Frame CF7B 16 KB
16 KB 159ms
75ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1633685103

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:31:29 GMT
x-content-type-options: nosniff
age: 528825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16088
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:31:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C64A 0
20 B 110ms
110ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbzHdSrP5Yf-aDpfX7_UPvbqCgAsAAAAAOAHgBAI&bg=!9_Sl9LDNAAYZkRhwGZE7ACkAdvg8Ws2d0KwjWgxb_C1S8U8GDhSIa5I9aB4FbVO7lmPmg2F7VuNNigIAAACsUgAAAAFoAQeZA1q8uIvCr-x4vl9NHFc8aGId5C3S4dvRaIOJs2YZfi7m6rCONF-6IpUPHfShJw4JtZERzF0Gxuyu4zuMf-qna_bqDKvNozwaQ0KpkderguGWzRMbXhDe3rFlYpvR4S677tnRMpB5-RwTsxC0OrvJg1qn3sJDb53-Ul6q3pm-KtWSVP95I4g48qfnNWjbhGyKDR3t1VYFe7nf4vmBf_dAx-QT0dyu2gnUpRFigBM7ZzTOKHoGvGe2MZHPnqMaK0zf6uEADUZW9_D2lkQGEvLvz-FxfHGJHMGeCY0Uv9Sz8WcO1IZODqdwdOOXWx6_fSlHFStJ98yxvo1NKIYvCG_ZkWOJHaODFsey8jILfvHJ0IDK-RiROHRmlljcJXrmffvIbizfTxJ4m-azZ1WBabfdS3lSSLictOBe6mz7d8Vpjos_FMSqvQURFAbZF51yuwfz5Dh4sx4RjPdRzmbFqM5vUnxaArf3X6feSdKLaphwMOJ35QC9hfzzWtpS7KdKKqEQ459CjTcXyTQiaMyqNBextFBAome4j2d77iWmZ5DNV6_yhWFQDXqzqsL6WFT38qeyB0kj24ahz835gEWGmOHFPEWXwT1P_PGyBUIphPn1ZhXwbUcp53N0UQtQ4rWnivdbLa7hFtX-c7VCd5YkxvKHTSTWGzCINvbdjMIhoDym3vTmJxfvxhd5SatB9jjfAyiMM3Otqf2ZJxIfSDi23kFSulPBduFE_cETDB4GtPyLiXbBhXC0D8ag3MrBzkyQe_qYZF1CGsIJ-pcfTiyuTr3Tq9mDY8-lcjU5zOJmvsqskEnuVRy3UIX1kM_xaxYacESoO89faBevBEA480Q3mF1uj8DBfLaE3uMhIrk79crtlJWnx_iIgxE4i6Kp8BzLrQSvoU912sOEoDKpco-2aX-yfKa6CORlsXMROALT8iSG7R0JKFIz-hUABB3jOt_YCgC75Tz7hz1BOliVMA5eFW9WKmkEeubkf-81BBUZTcL7sVXg_-pu-aK6C_XJw4IrA9Mp6VgCagcOUQYMAQG0dTnUQy80PqtPIwOIjZdRRWI-1kEUc_3oXk7v2miVd-r66K4yXsUE19LLPEdPUcYVY-m6VzF1hdl7wJ1R7wBrdxX5scltOjN2yNPIE2TswVM

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7BF0 41 KB
15 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 61AE 1 KB
749 B 72ms
72ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 01 Feb 2022 05:53:44 GMT
expires: Wed, 02 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 59490
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7BF0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea79220df5a0d40e93423c97ad9c6de0cc48cc6524c69d52d82b8f28baf629c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A88D 6 KB
3 KB 76ms
75ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 22:25:13 GMT
expires: Wed, 01 Feb 2023 22:25:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 67EC 22 KB
8 KB 71ms
71ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 276800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BF0 0
20 B 101ms
101ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BxpIgSrP5YZOjJOvU7_UP4fmn-A8AAAAAOAHgBAI

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 61AE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGVNHY_NBeW39mxnWA6HrbI&google_cver=1&google_push=AYg5qPJyHhW9sx_OH4Jp3ZFDpPeHv36UyfGY35hg6YR_iuFbc_OyPUuJB2ZcStCPi8sc9RoTPRYP9pn-JhwewzE4WJCTullBc0c
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMjYxNDQ5ODIwMDUzNDUwMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINK-Y40gF4tpE0Sj_kTFr0&google_cver=1

43 B
398 B

63ms
43ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINK-Y40gF4tpE0Sj_kTFr0&google_cver=1
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINK-Y40gF4tpE0Sj_kTFr0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61AE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cver=1&google_push=AYg5qPIotN7NJvVbmV7VnPxCoNsVqBg_Cm05rsbjoYtsWEy...

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cver=1&google_push=AYg5qPIotN7NJvVbmV7VnPxCoNsVqBg_Cm05rsbjoYtsWEyBSci2IEP5H0lrPNtVKfkEtI__yuNzEvbEOF7RLcEnq85CBzKU9w

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-087e8c0a3b0870f0e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENd0Pd4E7xHIRKwu_DziWVc&google_cver=1&google_push=AYg5qPIotN7NJvVbmV7VnPxCoNsVqBg_Cm05rsbjoYtsWEyBSci2IEP5H0lrPNtVKfkEtI__yuNzEvbEOF7RLcEnq85CBzKU9w
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 61AE 70 B
265 B 234ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMZ1K11LjyHX9Gj2bUT9tfg&google_cver=1&google_push=AYg5qPK-HBvfOXmylkN_PDJM2Pw31KPcni6qjoSq_NoSV6hymasMSouenB2xm2DNYL1jHwk4Jxrna9gRGBDewbRRFx_bxoSqdJw
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61AE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOjt1CiWf-1myMBH690rF4E&google_cver=1&google_push=AYg5qPJR-Tx09nxEiny0fIRvWkqdQ_77-fDmR1Kh29hbvbI4TNPOulbQMNJ5w4sXGeD7wxOXBOhPF9Qg...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPJR-Tx09nxEiny0fIRvWkqdQ_77-fDmR1Kh29hbvbI4TNPOulbQMNJ5w4sXGeD7wxOXBOhPF9Qg...

170 B
188 B

63ms
63ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPJR-Tx09nxEiny0fIRvWkqdQ_77-fDmR1Kh29hbvbI4TNPOulbQMNJ5w4sXGeD7wxOXBOhPF9Qg8SUV2tXIQdOQZWBcTng

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5MjcxMzA5MjI4OTk3MDc1&google_push=AYg5qPJR-Tx09nxEiny0fIRvWkqdQ_77-fDmR1Kh29hbvbI4TNPOulbQMNJ5w4sXGeD7wxOXBOhPF9Qg8SUV2tXIQdOQZWBcTng
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61AE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPfSHKQtbb2bswaL7nFwRMg&google_cver=1&google_push=AYg5qPK5swuxSIGGThAY2VPf4bDV8zioZN7ncadveieaaCK9PSAIL_Odyf6Ep_zVzQyj8LGx89Y...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0T1ZNUzgtTC1CNVVO&google_push=AYg5qPK5swuxSIGGThAY2VPf4bDV8zioZN7ncadveieaaCK9PSAIL_Odyf6Ep_zVzQyj8LGx89Y5FPKzy0OiQ0A0PRLfDd9bvlQ

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0T1ZNUzgtTC1CNVVO&google_push=AYg5qPK5swuxSIGGThAY2VPf4bDV8zioZN7ncadveieaaCK9PSAIL_Odyf6Ep_zVzQyj8LGx89Y5FPKzy0OiQ0A0PRLfDd9bvlQ

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0T1ZNUzgtTC1CNVVO&google_push=AYg5qPK5swuxSIGGThAY2VPf4bDV8zioZN7ncadveieaaCK9PSAIL_Odyf6Ep_zVzQyj8LGx89Y5FPKzy0OiQ0A0PRLfDd9bvlQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61AE
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKDdJLngzQXVkeDpS2pJghA&google_cver=1&google_push=AYg5qPJQzW4gytjH7Euc5yLcMbVtWn31tRTGQiQYzW4fbVqhVYVNC9fNEHIcwuAAY6vjXjtwEu6dX2k7_pNIv6GY...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJQzW4gytjH7Euc5yLcMbVtWn31tRTGQiQYzW4fbVqhVYVNC9fNEHIcwuAAY6vjXjtwEu6dX2k7_pNIv6GYyY9Lw6YG5Q

170 B
188 B

44ms
44ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJQzW4gytjH7Euc5yLcMbVtWn31tRTGQiQYzW4fbVqhVYVNC9fNEHIcwuAAY6vjXjtwEu6dX2k7_pNIv6GYyY9Lw6YG5Q

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 22:25:15 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJQzW4gytjH7Euc5yLcMbVtWn31tRTGQiQYzW4fbVqhVYVNC9fNEHIcwuAAY6vjXjtwEu6dX2k7_pNIv6GYyY9Lw6YG5Q
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: lYlk84ret1dCqH0fqqyuV5DglB3cGDIE35dD_hEO_w91lUGZ_DtcmA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61AE
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKxag09rWF55rUTS09N3LjM&google_cver=1&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2oh...

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPJ_MhaZyD8LNgxGw7xgepAiXWmwas0fUw3bgIxGK3bewUaTR2ohxO2Jb3swHq2Mmm9XmVSaBr6bdbki6-1uf09oJvAE0yk
date: Tue, 01 Feb 2022 22:25:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 61AE 0
12 B 79ms
78ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImCLeyudSgVf99o-37P-NQMoQcz8t4Ln3uc4QJVTMUkVWGO6-FyYfo-Fk2jgQQAXqHCKFL

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7263 624 B
297 B 69ms
67ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYn6KFvgEwAQ&v=APEucNUb1cQ8M7kceWb2I_9KjLHwFINj6geUSJDn0hypA8uaIj8Cl7ngivxq7pKrHLEf7PheEkPgi2m_Sr9ImMIIsxOR-MlkBdkqPB7qTt3F71ypfRrxV-pTB_IlULI_pIEdklo5RRdfV3mnvp4iRplG2crHHNxqYU6Mi3zXiDHpmZy1mq232tQ

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 22:25:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A88D 84 KB
33 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNRdAY2KYQXMOt1nAQ-NmP_vTCGKFs0PAfn1v0spZ06hZX6irXC8NuabMdcSPL5JY417mqGh7BdOQXeCzRbOZFnMGagxbprIEpE-dCwmr5tYRjihGj8d4rzTvOVY7sf5QMPP4sFnhksZvX9bGUKcYt87lCg&dbm_d=AKAmf-CamlqFgB2l0leqXW4336yrgrajHu_uB7sDvQPKWb4c1EXnDHMqmM6eG_RkGzlNRxKehHb_rxTBx6jdsALxvcQtIkASmxTN58n2mtiRv7y6SBb2IhO-Yv2k8FlUdceYk2Hvfj5_v-AwQg9ZlNFFr9uZkcab36yUiZ6t3YZ1vRByW9J6EzK5R7ydPtNJm1DQE2JmTq2Gh94eo_15kzQGxQ6DHLbMkAzSEp9ZAsYPYyyi-U3dqVGfclqtWdj--4oF-zHdLqsiiu-J8MsT0HtJUwiWv1wy0oWAg7ebwhhm4sX4XoxkBtHKJkJIZLYYRuwcimytaZ2D3wrJUOPG6C-527duOnPQQ9ZDRq7EzYkWuITn1sDCikDQOdprY17hW4stbw07iJ2dX69sYiLYQxJdd5kqwsA7UfX-2S8ORmNjft0Kh91PcQUIMS6ASqS7MRKk0qsuemz7uA5QWWphDESG-1vSoTb26ysakU4O9XfSx9IO9-8H_CYQljP806b8knWBZOe9RnCXbJSx1w4n7tl7cbVflFgrdwkKUjl94ehPXI_aGWzgMyi01OQZD8GphVar3qSUfe901F7Jjb3-sR91nE3t-CpCnqpEKkGv5AKV5NHJ2q-gWfFwveoYVIJCtdWWw9uY99Z_WFTJn9TJj9zaoCDJG77T2L-s52cJ-VHJ_rd1dqwgq1l6aSHrLSUzOevd-LZ2abIcHDT1Yq9Hh7EjCkIoxncsA0NkPNXsu2NL-7GQWbKLpVlYBJHOAIj0cY-kv3SE__xqSy9p3rhMhc5ig4PRd1YKPGrmswsm4vnJDUEzh4vdNd9XCw99jR9zGgCH0QuJYKCNOdxGn0M3F_8IqHvj7vS2SEwzWB8MlIvjY4-z0JDmL4VfAzXfKv1u-e4idsOxPiOYoSRPVq74dfFmLzVyv9ZcmhXj4hT6d3uQGx98qsPNr8LekVY2zhb9M2FwV_peB6cna6070z0WXIwbT5n2JNBCHvbWR7DwP-Fsp3mZVz6vHYlhoObjgv8njYDWFuoeo6Y8WtYhPT2obFrS8AnDx3Z7T3xuVeXfnPLwMCBI99RBpoLiK3lnquXxStWNxigdIyawLGhOQ4c4UB_qIL9G6-dIYnqKJdH5ZLwjigserEPocck4IU5kX_QdvjDKQDPXnE6_1cRQDDqbJJRlUk0sXvSbHyeaATqU51U_RZe33sKbQDYWCTpiPuqmF6mBEvYp4QxJByOZr91Hr61xbH56yaALxGgN-ImqsNQFIYXGGYu4-K146meP_KAPitig6hzZbZeq3OEZDsh3gNLcs1yfrfR3GoDQebRDn9Do1yA4fVc261X9N2cxaHGSE-Xszg8qc5vfmQDe1YL2B_5l9SPx2z1ji9SVumm8GrgzZZYX181au6Y6bYNRN7uSKxX7W-37dY8Gq2p8VBzepTRFlAN_sj_9A4xLz8UDvZuVmGS-813NARqiYFsGCJTlGpyEkHz3SR95CVeRUeG55Pf-Lg31C7FL4Zt5JWJ3mMyA3B6zQTq6XkFHV73E0hXdfzVbN9mOAP5thF2jY8ddsXIg_M6_k7EbJb7Rp76GY3WjDih33yCnhKv_MziWaKHtGsDT0dzwml93pbDuuNWSaBML26_lzqTVyoMcXXp6nJNI5U1iGrnlk6GXEGMbbxsD0_Bk5AVHGu6khqCD_YDjw03h1N76TQ3weOUpFSQSP-OUN5Apb8wxiXhMkqv3uKdkXMLqJ1xByvXcfEn3ULyqOI9iLk1t-uVtFEV0BWIdpYln1WRVcDxO5M3ltiEX9SeptZy1JN3V_QJuHkh9NUNjbAibMB2m5SqcNGjc3tXSpVw0Wiwge3Mh5qQwh7NMKbIqIewPdL9XG05XebPy-i92EIToZhWwQKWMf8pQibVtkkL-v6KAjPbswXDD8a8b4io4vXTJ7ayk4XAJ4j86kkG4vbgh-grgNkec9G2NgUEF6A21Rgo7JnwJFlfVkHNzl8EZTpyMDBlmoA9dGoGw1Othd-ckczzUhhP6mk9PxDvzPbrejES4usl74xcOppn6Qi92xkNq0rvfDKseuffshj0OCUsNGoMqsEP1mK2EtLUX-yuA2r-rkxJhzo7j-doJTHEioOlQfJF4RUMfyH7INGqthtXVXLOgRf2R76OK770KAIW3aIvkCUEUURcdw9roisfdzpurY6pSPqsULsRvlDtAaJV9wXLCkiO2GHyibkOs6NhcA-MB3oIP4SSSYPY44Gl78XyvUfFN62nRFGq1TlKsMB23i9bMhyzizyAi55jpi6XQACFhMl1gDnqhaE1xT2vkPYWtPOo638vtOnl9hSI4P9w7r2Tyaz5l-cE5X1nZwSJiW5a_Q6fxyMnWEwUBBuAo_XTuUg6kzZNA1JtCt0EEZduzDJ6NhRwWYP36EkBeTsif1223TiZ9A_-UdnM5GZyS0Ds3quQVqH-AJP1Ops3MS-PS_lw1xROgKWLsYVUe1fkjrXWC1AsbGf8BikyhJJ-4oOvDY1KfjcKamQA4BLftoP7YMA8GZhlvuwKBPu-MpcYfX6GXaV7AT-htP4gk64gCZH_RUeR0rVVlzf3iX6TdQgiME91Wu5zWGia4uTChcyOiML_XAW9lg_d8hEYDqkVVO_60lBYiEyI2mCepE8SzSyukyvB5RRoQFldlJIlQ6hcooMMO8DEKFkE5aCyjXsjvKmn36g3x-xkl6xcm-6X8QWhNqADB7LuSMstof1exvkGuKe6PsGQJZIe1T4WiFwKZ1AhQGJlBPOEs7mdacblv1QlI0NsGpesTHduOGjN3lUrpuvv7UikB3tVvmBCa9MRykf6mrkueKYwazkAopUcZ_vr-4IU6SqSu7nLh09GUTUKAp-cM6pJi7_OiiiTpUYBTcfbOs4bRwywnEkyPTq-moCwWmxibJ-sxozQRi8ojBTWie8m5DF8G7XByFqzXnjxCxTC9JSXuEVZWGJd4xCiBIjzuz4LKdYT02zxUVPQULudAyelUPsJAyeiHu_K3Z_TIUUjWtLktck3ALw70yqfwXXwzdltoDmQCLXw1BB1mfbEbsm5G4Psn81a8hBhFedAKpWT-FbbYm310DZybNmK8ZTP5UHLQuVPjQXa1kYom259g9yL0OcBqdDE-xBy366W4WlteqhLOnIWG-2NHjFNyYaUhtT7n57b18-D9VCPzyIkja0vs9obeCiRgCeRQHsm4faIVqF9l9LzH0WObFcl9b4Qvq27q0D77BJV7sIPblgKMyA7omDYXoi8&cid=CAASEuRonc7tV9UtmE0Vh54iDCEo4Q&rfl=1%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2c5f4877388d7874aa3dc8972e9917cb566e9a4de4de63c1473462a6811bf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A88D 42 B
63 B 88ms
87ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTOvRy1zqo60jgfxiEaAGYaZumAXzNJf6yYJRAIJ_3uQV8S7tMXeMjKRJnbWFgihvIagfQ3_kmw8MavW2mbB4KH4xfjVgikl0nGRN4uwn4BHbxaKs

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame A88D 2 KB
1 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:23:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A88D 123 KB
38 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:25:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame A88D 14 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 17106829078744545694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:22:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A88D 0
0 66ms
65ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD7gFdhSGL42LpdMPE4h7FkBgK0ZehNVA5Jo1gDQBcFcXCT8WJmBS9n_DZhFxNWyH_XDZfDLQwxgcHXU0lZi3bRWUqZw
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 67EC 35 KB
13 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 20:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 353066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 20:20:48 GMT

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/2035603817071902720/ Frame 609B 47 KB
11 KB 76ms
76ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220d9ee76aa547f9a0555829cd88b5aea75ec009aaa09ddba5d912918c9101c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:14 GMT
expires: Wed, 01 Feb 2023 22:25:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Sep 2021 03:34:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7BF0 0
24 B 124ms
74ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzdAdIQpZ-JwDDE1BZ3_zs2uErfuACdtq4QgCOxZNSfLogosR_JXHWgl0G-g2WIbY7AGAFjlk71cFB2OAVMcqxuZhWI6Z-lwX6RzyZ5cN6fq5tLCatpmqlyYqpM2RFE4EWcTdlcO0OPJMKJhd2VmfZa-WmBU6_ln9mW4tGAM_SgW9bllWTnEb_izreqzUTXkV0nWoSSWyQ6S2hbRhBxz66_iJwR_pF5hA0r4GKIrS65J-Lm9qhGSrHMU6CKqxcbd6tMiYq53fdfcNVjTkq-I8Gq76diitegA4MUiS0gLzs85a7QJpAd8hMo1-GbkExfIQJueMwCu6AtQJPYL6Yv8P4tPluf-16rfwFdn-gNfGMiWZL4tAWfZ6-9dFUL_KyRpRmeJBAsnFg8ppRmhhN0FWDTj9ZlJx8lxehIH2rQJoXXdBltf_jQCXxoy-Z7hZBzrBqIo-jJFsWtzJd4q7mQ8w8CzIK4YmjmfrsypTpstVnUv_DV-qqBalZt0wlhQmLv4mpsiGGrNHL5guSIFfYoKiv4awXVkcEBW_JLyZT2gzPOQ-57MmUvb35AsKy708FIS9z0wBsufd2ZDXl9f0JsntEKYR5ERaQRQ4QW0Ej5lbe37afQ8lbBEVKvODrZjD8oAPwP4ehClkBzILdRr8YUaBJSwiNMLNNfPxEBzlXUiAU2QquiZeWgpft5ozoSYoxOs5AM44wzsBlB-TUpkgGpbS43dyqOhJ5OZpHoLTY3cTGNZdqYhowQIOMscd94g46xuOJjvBzPcRxYmIxh_47IOFwNa7FFfctfpcqs6aHk6qDxs3dB-Ufct7D8_teg6eyUHN48s4NWVHRn9M5vnAs_NRPHAbIU5OZU0jYpmalyqVA_5YgOn0hMBrX6gM7sufuVVer0hG90V9JCOBCuPuPDkIBSjPzp5ajFmYj32UO4cHWLB4yZ7M7zNMrpl5nWqgcAyEudKBPzGvLz9xKjPzQ9elXVgrVAigoTd5lRmiGJ4KYQW_c8YfZM7Cv_0gUFn8eVESAhkRdaC0FkAPvswOJeaodEt2L1sfbJhH3Co8kbIYd0TkUyG58W2PJAhMDKB9EPMAaUTpN_9m3Gk1XBb4ocxR1JdUA20JfvnB9av6MW8wMFozuEy6TiB-e5Mn513eYSYiYrl2z7rX6fpGkVm7OTEYL64bYW-sDYqx7MPpzQHD9xzUK9n401bykW7vz2vO_e5rYihvSkVeyPefHUWrZH05m4PjV6A&sai=AMfl-YRVFTmV5aKcV9HHtUnb1U6MN2cnIfa-4XLY52a1FbiOfrpVA_CTyg12ylNalUc0vfqi02loBvyHxwQtdpCDMlu2EW99ncPY-cV6VGq5CVyXuEn9Si4a1uuNcyQE7wgV1QWhbnf3K0q7xku4kQuB4C2CThdwIA&sig=Cg0ArKJSzLESzUaVhVkdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=262&cisv=r20220131.34147&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 01 Feb 2022 22:25:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7263
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDwGwbi4a52wKZlioAJ8PR0&google_cver=1

43 B
894 B

58ms
58ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDwGwbi4a52wKZlioAJ8PR0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYn6KFvgEwAQ&v=APEucNUb1cQ8M7kceWb2I_9KjLHwFINj6geUSJDn0hypA8uaIj8Cl7ngivxq7pKrHLEf7PheEkPgi2m_Sr9ImMIIsxOR-MlkBdkqPB7qTt3F71ypfRrxV-pTB_IlULI_pIEdklo5RRdfV3mnvp4iRplG2crHHNxqYU6Mi3zXiDHpmZy1mq232tQ
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 22:25:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDwGwbi4a52wKZlioAJ8PR0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7263
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfmzSnCf48JsP5.p9M3WQAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHDIC3J0qggviWRIayFImxE&google_cver=1&google_hm=2

43 B
894 B

58ms
58ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHDIC3J0qggviWRIayFImxE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYn6KFvgEwAQ&v=APEucNUb1cQ8M7kceWb2I_9KjLHwFINj6geUSJDn0hypA8uaIj8Cl7ngivxq7pKrHLEf7PheEkPgi2m_Sr9ImMIIsxOR-MlkBdkqPB7qTt3F71ypfRrxV-pTB_IlULI_pIEdklo5RRdfV3mnvp4iRplG2crHHNxqYU6Mi3zXiDHpmZy1mq232tQ
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 22:25:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHDIC3J0qggviWRIayFImxE&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7263
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFKmmM3JBANyYHwHxA7h9QI&google_cver=1

43 B
1003 B

39ms
39ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFKmmM3JBANyYHwHxA7h9QI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYn6KFvgEwAQ&v=APEucNUb1cQ8M7kceWb2I_9KjLHwFINj6geUSJDn0hypA8uaIj8Cl7ngivxq7pKrHLEf7PheEkPgi2m_Sr9ImMIIsxOR-MlkBdkqPB7qTt3F71ypfRrxV-pTB_IlULI_pIEdklo5RRdfV3mnvp4iRplG2crHHNxqYU6Mi3zXiDHpmZy1mq232tQ

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:15 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d3ec3616-c8c2-46f4-b028-3c63ccfe6d29
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFKmmM3JBANyYHwHxA7h9QI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7263
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 048312b5-0b69-440b-bc79-b313275d5f86
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2OTg4NzI1NTc5NjEzOTE0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A37 0
23 B 83ms
70ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCMUyiVqbU07PYhezJEm5e9CHOy9wsxahn6QdxCE801zloNBpP4LIWmsiSRYVhlgYQ9FlTuXDopg0X0NO7G9BtB_xL6M27k_CfKepfIZkq2Bmgj5viEUMyJXw9iYR9xjRaanqaROoHncWnf1bK5iCFCERztcCsjp1oWFh4409cbD6mhK2kdeWV6BST4VLsNk6jS0qSIrUlwoWbDbQPGL6UcbD_Lvrjgp4U7ITI5WdXXYhcuKS0E7k7IxREiiMOaDr2iqOs3ZwyosYh4WM6DLDpbjrrig1_snY6cM2qyHhgGW779RAhb_wIEfH7FWKha5FYeMPlDIHnQjVXoXtinMmEXn_2PzO5OQgiOj018_Z8ToPq7dosg-zOJhf4E9H0jbvbaZ_-lGIXUTVfUPHo4Ae4-IUiPAXWcD0XJ1MGjF2rGbhNRUZulfz1mdXj0E0nZj5F9I22EVkljjes0BhdrTfcypGXH73fXJV72rBCJAcBPYvV6hHnBEYmFZsvJ0x3fNrtDnjCsLAb3QjcX413GuSwdr5XsgPJdFi4eEPxM1qwGXSl4i1pGtDUJk5wAqZ5J1dK7ZiWQ8LRnIETFx0o6IRmSILLDODdYF979J9a8RpMXU9TApbDni3Db2TkCGFblMXXkGdZhO_a-UMSL-hXCXlI1Jb_5SRZ9iAv04uwGOAcCch96iOs3dglsCs_uV4DH3-ZFRrcD3wjbN2u0n1jmDhlFiFoHxqXS2AxqvWUp-7mYzzukAoVLIy2d3vHRfM7HuZV56Y3IlPeS0-U_vX4ZViwEFej4T4Uf45lChygk-VNZKti1UMNmqt5fEFh6SbecRlOHNIVMB47o-n3rcQ47t3CSV2ceWeGi-w8kdn2sTmgEquGdwWOIorg6lSB2oH1tFxHsPkz4YQaeSLafyvOOMcoKUO1ZNVBvKwLaSpxrusPPMe_qs3rN7FQ5l75vY1EL4PDQ14xCpyrEl6QCSvNuWuQed7fehqtXoP2FY3Wj4xTwNZnzFnnNGWcB7au4DPbejhU0Zz8fyzLZJ5Ot6qOpG2Mz0lx8AFFrpGIZ6Qvc3cdbfZubaIPFJP5nFfJTSXH7hvQWNvdGA-WT5hg-VVllu69jSl2zah-w7zAGVfnYeIruN1qcM_uT-EmbIat9fssfDYRKFF5AoWjjgT6TpHdiYAgOnHvUcInQGQS13C025s6YkvsvjKZeZ1E3E1ocKcbPYppBNDGlTjZgaJBw17uXsk7WrebdV-HUnjmLJQS9c5rGfLbVtLOSnEkaru9UJ8&sai=AMfl-YSHoke253GZObi6k7Nmrh2KZZb-PBvB2FbNdSNKbHpPJyGg5WPyf5TtOWAaLJx9iEoK077zaigri_nVymttNEEtq0ZAtd6A_e1blGEaO34InoVx5AFLxuzBHPU-aA2ODbr19Try1L5LFMqbgFWPlOXTTWyERxsp_5XsMBbrc9sWb6_QD2UUw3k&sig=Cg0ArKJSzLVFHkjspNn-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=687&vt=11&dtpt=531&dett=3&cstd=153&cisv=r20220131.79311&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/912962/59461375/ Frame A88D 232 KB
70 KB 192ms
66ms Script
application/javascript 54.171.208.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/912962/59461375/skeleton.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_placementId=15845895118&bidurl=https://portaldobitcoin.uol.com.br/&ias_dealId=
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.208.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-208-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 88b297909ac525c046a6a2e7942f2c19283fa3f8b64e114a3dc3da211399afca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-f1: 1
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A88D 106 KB
37 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Origin: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 10:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 10:21:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/ Frame A88D 8 KB
3 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNRdAY2KYQXMOt1nAQ-NmP_vTCGKFs0PAfn1v0spZ06hZX6irXC8NuabMdcSPL5JY417mqGh7BdOQXeCzRbOZFnMGagxbprIEpE-dCwmr5tYRjihGj8d4rzTvOVY7sf5QMPP4sFnhksZvX9bGUKcYt87lCg&dbm_d=AKAmf-CamlqFgB2l0leqXW4336yrgrajHu_uB7sDvQPKWb4c1EXnDHMqmM6eG_RkGzlNRxKehHb_rxTBx6jdsALxvcQtIkASmxTN58n2mtiRv7y6SBb2IhO-Yv2k8FlUdceYk2Hvfj5_v-AwQg9ZlNFFr9uZkcab36yUiZ6t3YZ1vRByW9J6EzK5R7ydPtNJm1DQE2JmTq2Gh94eo_15kzQGxQ6DHLbMkAzSEp9ZAsYPYyyi-U3dqVGfclqtWdj--4oF-zHdLqsiiu-J8MsT0HtJUwiWv1wy0oWAg7ebwhhm4sX4XoxkBtHKJkJIZLYYRuwcimytaZ2D3wrJUOPG6C-527duOnPQQ9ZDRq7EzYkWuITn1sDCikDQOdprY17hW4stbw07iJ2dX69sYiLYQxJdd5kqwsA7UfX-2S8ORmNjft0Kh91PcQUIMS6ASqS7MRKk0qsuemz7uA5QWWphDESG-1vSoTb26ysakU4O9XfSx9IO9-8H_CYQljP806b8knWBZOe9RnCXbJSx1w4n7tl7cbVflFgrdwkKUjl94ehPXI_aGWzgMyi01OQZD8GphVar3qSUfe901F7Jjb3-sR91nE3t-CpCnqpEKkGv5AKV5NHJ2q-gWfFwveoYVIJCtdWWw9uY99Z_WFTJn9TJj9zaoCDJG77T2L-s52cJ-VHJ_rd1dqwgq1l6aSHrLSUzOevd-LZ2abIcHDT1Yq9Hh7EjCkIoxncsA0NkPNXsu2NL-7GQWbKLpVlYBJHOAIj0cY-kv3SE__xqSy9p3rhMhc5ig4PRd1YKPGrmswsm4vnJDUEzh4vdNd9XCw99jR9zGgCH0QuJYKCNOdxGn0M3F_8IqHvj7vS2SEwzWB8MlIvjY4-z0JDmL4VfAzXfKv1u-e4idsOxPiOYoSRPVq74dfFmLzVyv9ZcmhXj4hT6d3uQGx98qsPNr8LekVY2zhb9M2FwV_peB6cna6070z0WXIwbT5n2JNBCHvbWR7DwP-Fsp3mZVz6vHYlhoObjgv8njYDWFuoeo6Y8WtYhPT2obFrS8AnDx3Z7T3xuVeXfnPLwMCBI99RBpoLiK3lnquXxStWNxigdIyawLGhOQ4c4UB_qIL9G6-dIYnqKJdH5ZLwjigserEPocck4IU5kX_QdvjDKQDPXnE6_1cRQDDqbJJRlUk0sXvSbHyeaATqU51U_RZe33sKbQDYWCTpiPuqmF6mBEvYp4QxJByOZr91Hr61xbH56yaALxGgN-ImqsNQFIYXGGYu4-K146meP_KAPitig6hzZbZeq3OEZDsh3gNLcs1yfrfR3GoDQebRDn9Do1yA4fVc261X9N2cxaHGSE-Xszg8qc5vfmQDe1YL2B_5l9SPx2z1ji9SVumm8GrgzZZYX181au6Y6bYNRN7uSKxX7W-37dY8Gq2p8VBzepTRFlAN_sj_9A4xLz8UDvZuVmGS-813NARqiYFsGCJTlGpyEkHz3SR95CVeRUeG55Pf-Lg31C7FL4Zt5JWJ3mMyA3B6zQTq6XkFHV73E0hXdfzVbN9mOAP5thF2jY8ddsXIg_M6_k7EbJb7Rp76GY3WjDih33yCnhKv_MziWaKHtGsDT0dzwml93pbDuuNWSaBML26_lzqTVyoMcXXp6nJNI5U1iGrnlk6GXEGMbbxsD0_Bk5AVHGu6khqCD_YDjw03h1N76TQ3weOUpFSQSP-OUN5Apb8wxiXhMkqv3uKdkXMLqJ1xByvXcfEn3ULyqOI9iLk1t-uVtFEV0BWIdpYln1WRVcDxO5M3ltiEX9SeptZy1JN3V_QJuHkh9NUNjbAibMB2m5SqcNGjc3tXSpVw0Wiwge3Mh5qQwh7NMKbIqIewPdL9XG05XebPy-i92EIToZhWwQKWMf8pQibVtkkL-v6KAjPbswXDD8a8b4io4vXTJ7ayk4XAJ4j86kkG4vbgh-grgNkec9G2NgUEF6A21Rgo7JnwJFlfVkHNzl8EZTpyMDBlmoA9dGoGw1Othd-ckczzUhhP6mk9PxDvzPbrejES4usl74xcOppn6Qi92xkNq0rvfDKseuffshj0OCUsNGoMqsEP1mK2EtLUX-yuA2r-rkxJhzo7j-doJTHEioOlQfJF4RUMfyH7INGqthtXVXLOgRf2R76OK770KAIW3aIvkCUEUURcdw9roisfdzpurY6pSPqsULsRvlDtAaJV9wXLCkiO2GHyibkOs6NhcA-MB3oIP4SSSYPY44Gl78XyvUfFN62nRFGq1TlKsMB23i9bMhyzizyAi55jpi6XQACFhMl1gDnqhaE1xT2vkPYWtPOo638vtOnl9hSI4P9w7r2Tyaz5l-cE5X1nZwSJiW5a_Q6fxyMnWEwUBBuAo_XTuUg6kzZNA1JtCt0EEZduzDJ6NhRwWYP36EkBeTsif1223TiZ9A_-UdnM5GZyS0Ds3quQVqH-AJP1Ops3MS-PS_lw1xROgKWLsYVUe1fkjrXWC1AsbGf8BikyhJJ-4oOvDY1KfjcKamQA4BLftoP7YMA8GZhlvuwKBPu-MpcYfX6GXaV7AT-htP4gk64gCZH_RUeR0rVVlzf3iX6TdQgiME91Wu5zWGia4uTChcyOiML_XAW9lg_d8hEYDqkVVO_60lBYiEyI2mCepE8SzSyukyvB5RRoQFldlJIlQ6hcooMMO8DEKFkE5aCyjXsjvKmn36g3x-xkl6xcm-6X8QWhNqADB7LuSMstof1exvkGuKe6PsGQJZIe1T4WiFwKZ1AhQGJlBPOEs7mdacblv1QlI0NsGpesTHduOGjN3lUrpuvv7UikB3tVvmBCa9MRykf6mrkueKYwazkAopUcZ_vr-4IU6SqSu7nLh09GUTUKAp-cM6pJi7_OiiiTpUYBTcfbOs4bRwywnEkyPTq-moCwWmxibJ-sxozQRi8ojBTWie8m5DF8G7XByFqzXnjxCxTC9JSXuEVZWGJd4xCiBIjzuz4LKdYT02zxUVPQULudAyelUPsJAyeiHu_K3Z_TIUUjWtLktck3ALw70yqfwXXwzdltoDmQCLXw1BB1mfbEbsm5G4Psn81a8hBhFedAKpWT-FbbYm310DZybNmK8ZTP5UHLQuVPjQXa1kYom259g9yL0OcBqdDE-xBy366W4WlteqhLOnIWG-2NHjFNyYaUhtT7n57b18-D9VCPzyIkja0vs9obeCiRgCeRQHsm4faIVqF9l9LzH0WObFcl9b4Qvq27q0D77BJV7sIPblgKMyA7omDYXoi8&cid=CAASEuRonc7tV9UtmE0Vh54iDCEo4Q&rfl=1%2Chttps%253A%252F%252Fportaldobitcoin.uol.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:18:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame A88D 24 KB
9 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9488
x-xss-protection: 0
server: cafe
etag: 10429589367799073301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:24:39 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C43F 376 KB
125 KB 163ms
76ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127061
x-xss-protection: 0
expires: Tue, 01 Feb 2022 22:25:15 GMT

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 609B 116 KB
39 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 10:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 10:40:18 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 609B 60 KB
24 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:25:15 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11159005284673318224/ Frame 55F3 149 KB
23 KB 34ms
33ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11159005284673318224/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49103470dfd331d2704151ad74c2a81cfac66820a989e59f3391b86627622434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 23120
date: Wed, 26 Jan 2022 14:53:54 GMT
expires: Thu, 26 Jan 2023 14:53:54 GMT
cache-control: public, max-age=31536000
age: 545481
last-modified: Wed, 01 Dec 2021 08:17:58 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A88D 0
24 B 75ms
75ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz0zXLW4H2r8Gz9y_JRh9N5Ro9x-Ey5WRTp-u4GuACKG88zre0fvlTODgYFo198uOW-SNWYbxT4MpZwA1y9sOwd_GDdqIrdwotVFFbNLYTrn51is8JyISJooLRjkNl9Sfsugf6eLPdUyaccehB4WmpQMdjt2evJfW4VygI4ueVx61x5yJzmJC2h1U8eT5Yst9oTIPI78-9AXns8s3oqgzdlQfRHKMJecMZMuU8N8m_op0v9u0O_UyEv6VSuDg2y04ZLOYrjocweGnp3v3Myw24hlQ8W2tQ8j31YG60J3BCR4pmlWRFtQGEd_re160HC00t0efg-9ooDijAu9lMKPtPgl29HIWWwva7j_KKyiEfyF02yOTa921h23CJqmRG8cdtE6PJaBOE9CM-MmFW9vaVuguSuSww4vBS1mFgFXMD4rIOJ0qDKmRMC1DL9eCA8NCpJT2DeA-_3j7uXHpOi6y6Gc-TxKZPXwPZRTomMUAR9Sj7sNb3gKb-EfvQwNiQW1dBB_0anA7OsvoyjTa5pyOELzChv_J-8WBmUwM0ClwBA_anbwYrCbbhoKTsL2-1cn8GSSKsBTSmP1sACGuuezxUFOcknMNJX3914SnDwLHO0CVv_eEvdhPvlEo2X-PByFoHicNmNUbrS52M-TwUBY5ngcszbFD-4n_s3zW6_F8FrA07KcCKvDPb4EfutM8vKFMVLlJOONxie9Dgx9ovbpiAVnuMXsohHZWyxzGXylqRvJcF_IsOEzSqn9ZVOmcn0xZmiWEkzgAECFjjrLJ1QJmTR3cygxUdpQq0GADgPC8b7DfjhD9oZiGDWUxrxQr5dVGi8yFpALpoNxoersU45d_7P5rfQBa8PyaD_v99KP9vZLo-PhWKgPi3bcxkc4DSkihiEXaZ0ca4nx01631QDM5ueDNsk8FigBsjRMd9Mn9uVphryZdhrVGKk3XPKH-d1veMdpkX6GajEObdG_LlNKCDsulZuXW9uiwTcOnHHbvU_3aIdBuAckgMgj6xkwa44-xxe44OFNNOGPskUbk0OyAiC9_7Wi4VDCpbZ5ZJXw68yIlvy-9FXvCA5Pg50IeHEd0rdJisdl6D46SchS7MeMM_QDnCLXpoL8BzGpvAty8sCdGKUtKzpuNeLY09JVckeaG0SaWvxaIPLtf1JX_Pt-8W3k7Hg9BAmYdCsQKC0K2mYvzJ46oVhkFkenOCGuhB7QCR6sIFYqmWzOo&sai=AMfl-YQ49W1Atm4iorfAAGBT4aM6TTKr4iIRw7PJ7W-62vHVBuaLeuUQ-GMLLoEHXTfQ2tOJ1kp12ifuMpFNuTsbihBtwHVwv3Tz2b1vM1f0i5OX0MHoaE_WBTOxnS3ucHvK_K5_evAe7WpaWiDkVg2LdbEF-mdAoQ&sig=Cg0ArKJSzJU8XT5HgMfhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=64&cisv=r20220131.24168&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 01 Feb 2022 22:25:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A88D 41 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 74F3 1 KB
749 B 30ms
30ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 01 Feb 2022 05:53:44 GMT
expires: Wed, 02 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 59491
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A88D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a750faf879f5317826ed7a5bc0f0c2e773176ceaaf0e2dd519a126590d10e77a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8183 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 276801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 55F3 29 KB
10 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 13:50:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74F3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENUD34yzkLcM88g2qPhFA3Q&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENUD34yzkLcM88g2qPhFA3Q&google_cver=1&google_push=AYg5qPJlFXwBxxnWDZtB_ShTKCdFSE7UvYXjy3m_wN4LYbk...

170 B
188 B

69ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENUD34yzkLcM88g2qPhFA3Q&google_cver=1&google_push=AYg5qPJlFXwBxxnWDZtB_ShTKCdFSE7UvYXjy3m_wN4LYbkzEnqi9UchVgMyv2DkIh1zckWlnmRMkQZ3gCX0ZKpP2uLVQAWdNxs

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 22:25:14 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0d390a4cbd087d732@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3BYZkFWaDUxTmYxQW41&google_gid=CAESENUD34yzkLcM88g2qPhFA3Q&google_cver=1&google_push=AYg5qPJlFXwBxxnWDZtB_ShTKCdFSE7UvYXjy3m_wN4LYbkzEnqi9UchVgMyv2DkIh1zckWlnmRMkQZ3gCX0ZKpP2uLVQAWdNxs
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74F3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMMjzqnVr9vb-qc3DH1wgdM&google_push=AYg5qPJSJKjOi-410v44CkCbQp94XRu7AOr-Oc_qlMHqnzQNJ1yQOJT7DS...

170 B
188 B

63ms
62ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMMjzqnVr9vb-qc3DH1wgdM&google_push=AYg5qPJSJKjOi-410v44CkCbQp94XRu7AOr-Oc_qlMHqnzQNJ1yQOJT7DSiSAFLM6XqUlDzK8Cba1-7i34-98U_WvB1IO1Yvkg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1643754315.316716,VS0,VE93
x-served-by: cache-hhn4049-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMMjzqnVr9vb-qc3DH1wgdM&google_push=AYg5qPJSJKjOi-410v44CkCbQp94XRu7AOr-Oc_qlMHqnzQNJ1yQOJT7DSiSAFLM6XqUlDzK8Cba1-7i34-98U_WvB1IO1Yvkg
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 74F3 0
191 B 241ms
84ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFtvgb1-NV96-3Hbh06QEHs&google_cver=1&google_push=AYg5qPIZHpt442zd0KJJDvLclkrMbOqBBAVlGZHd5aHIoxDNkuVs4uTNo5h1exccJ4-tYnbttSJTIuTc5eL2-AEH28MIKy3qMg
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:14 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74F3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-1cf83c93-83ee-4c89-9b51-52d797ad4c75-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKqUnkP78pvYx3YZvDfY...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg&google_hm=Axz4PJOD7kyJm1FS15etTHU

170 B
188 B

91ms
91ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg&google_hm=Axz4PJOD7kyJm1FS15etTHU

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKqUnkP78pvYx3YZvDfY0OTs7-ITHouy3_fcfO5ezLns0yUDTVxscd_LPYvt213LabyEURMIPIxvnFXpC-3QTHBIVZvlMg&google_hm=Axz4PJOD7kyJm1FS15etTHU
date: Tue, 01 Feb 2022 22:25:15 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1cf83c9383ee4c899b5152d797ad4c75003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74F3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOFm0Fmh_bJYsyLGOP_T8P8&google_cver=1&google_push=AYg5qPLB2t73itxhXjxD4V8u5naS8068gaurPIFX8QW20pRno_oKh0V5KMVY_w4M4kCL7pG2xA2UMElHqA0-_4Ukjp7DBULltuM
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPLB2t73itxhXjxD4V8u5naS8068gaurPIFX8QW20pRno_oKh0V5...

170 B
188 B

66ms
66ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPLB2t73itxhXjxD4V8u5naS8068gaurPIFX8QW20pRno_oKh0V5KMVY_w4M4kCL7pG2xA2UMElHqA0-_4Ukjp7DBULltuM

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODM1MTk0MTY0Mjc1MDkyOTQ5MA%3D%3D&google_push=AYg5qPLB2t73itxhXjxD4V8u5naS8068gaurPIFX8QW20pRno_oKh0V5KMVY_w4M4kCL7pG2xA2UMElHqA0-_4Ukjp7DBULltuM
date: Tue, 01 Feb 2022 22:25:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74F3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECRveH9bVyMOap3BXir3QEA&google_cver=1&google_push=AYg5qPIFSiwbIoR689fL3c8mqiYoTgqeVZFsIA2n37UhOaLmz-_v23O2QCVDl54cM8dLydyJw9...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPIFSiwbIoR689fL3c8mqiYoTgqeVZFsIA2n37UhOaLmz-_v23O2Q...

170 B
188 B

67ms
67ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPIFSiwbIoR689fL3c8mqiYoTgqeVZFsIA2n37UhOaLmz-_v23O2QCVDl54cM8dLydyJw91xkWLCtABOco5OmByU4p6JGuI

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSGp1VmJ0RTJ1RWFPSkg5cENoaG5jYjFDR0xZUFQueX5B&google_push=AYg5qPIFSiwbIoR689fL3c8mqiYoTgqeVZFsIA2n37UhOaLmz-_v23O2QCVDl54cM8dLydyJw91xkWLCtABOco5OmByU4p6JGuI
date: Tue, 01 Feb 2022 22:25:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 74F3 43 B
65 B 81ms
80ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEE35kGjFr3T3jkColPEx-uY&google_cver=1&google_push=AYg5qPKfbt4Xbyane7m-Dg44XM-baKzeQy5BUrKz6ZgCqTLL6HFn_GdUOq414rDOrhqCGqyL57Q_5WUUy9eOJ-mNUg0Ckm-dr9Mb

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 22:25:15 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 74F3 0
12 B 53ms
53ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LD-wxDiM6-A88W2ZZ4bmRL5sbQOWsqHPgPqgmlsjMk8CVMLF32p4A2wm2Tkk9Z_zKztbT8aoM

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7BF0 0
23 B 91ms
91ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzdAdIQpZ-JwDDE1BZ3_zs2uErfuACdtq4QgCOxZNSfLogosR_JXHWgl0G-g2WIbY7AGAFjlk71cFB2OAVMcqxuZhWI6Z-lwX6RzyZ5cN6fq5tLCatpmqlyYqpM2RFE4EWcTdlcO0OPJMKJhd2VmfZa-WmBU6_ln9mW4tGAM_SgW9bllWTnEb_izreqzUTXkV0nWoSSWyQ6S2hbRhBxz66_iJwR_pF5hA0r4GKIrS65J-Lm9qhGSrHMU6CKqxcbd6tMiYq53fdfcNVjTkq-I8Gq76diitegA4MUiS0gLzs85a7QJpAd8hMo1-GbkExfIQJueMwCu6AtQJPYL6Yv8P4tPluf-16rfwFdn-gNfGMiWZL4tAWfZ6-9dFUL_KyRpRmeJBAsnFg8ppRmhhN0FWDTj9ZlJx8lxehIH2rQJoXXdBltf_jQCXxoy-Z7hZBzrBqIo-jJFsWtzJd4q7mQ8w8CzIK4YmjmfrsypTpstVnUv_DV-qqBalZt0wlhQmLv4mpsiGGrNHL5guSIFfYoKiv4awXVkcEBW_JLyZT2gzPOQ-57MmUvb35AsKy708FIS9z0wBsufd2ZDXl9f0JsntEKYR5ERaQRQ4QW0Ej5lbe37afQ8lbBEVKvODrZjD8oAPwP4ehClkBzILdRr8YUaBJSwiNMLNNfPxEBzlXUiAU2QquiZeWgpft5ozoSYoxOs5AM44wzsBlB-TUpkgGpbS43dyqOhJ5OZpHoLTY3cTGNZdqYhowQIOMscd94g46xuOJjvBzPcRxYmIxh_47IOFwNa7FFfctfpcqs6aHk6qDxs3dB-Ufct7D8_teg6eyUHN48s4NWVHRn9M5vnAs_NRPHAbIU5OZU0jYpmalyqVA_5YgOn0hMBrX6gM7sufuVVer0hG90V9JCOBCuPuPDkIBSjPzp5ajFmYj32UO4cHWLB4yZ7M7zNMrpl5nWqgcAyEudKBPzGvLz9xKjPzQ9elXVgrVAigoTd5lRmiGJ4KYQW_c8YfZM7Cv_0gUFn8eVESAhkRdaC0FkAPvswOJeaodEt2L1sfbJhH3Co8kbIYd0TkUyG58W2PJAhMDKB9EPMAaUTpN_9m3Gk1XBb4ocxR1JdUA20JfvnB9av6MW8wMFozuEy6TiB-e5Mn513eYSYiYrl2z7rX6fpGkVm7OTEYL64bYW-sDYqx7MPpzQHD9xzUK9n401bykW7vz2vO_e5rYihvSkVeyPefHUWrZH05m4PjV6A&sai=AMfl-YRVFTmV5aKcV9HHtUnb1U6MN2cnIfa-4XLY52a1FbiOfrpVA_CTyg12ylNalUc0vfqi02loBvyHxwQtdpCDMlu2EW99ncPY-cV6VGq5CVyXuEn9Si4a1uuNcyQE7wgV1QWhbnf3K0q7xku4kQuB4C2CThdwIA&sig=Cg0ArKJSzLESzUaVhVkdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=503&vt=11&dtpt=236&dett=3&cstd=262&cisv=r20220131.34147&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 609B 47 KB
47 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:15:25 GMT
x-content-type-options: nosniff
age: 590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:30:25 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 609B 47 KB
47 KB 64ms
64ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:18:52 GMT
x-content-type-options: nosniff
age: 383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:33:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 609B 7 KB
5 KB 138ms
74ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d142a7f3250bd1191cf1fdf539fc87c89b47ae3cadcebb65252c9a1b0abdab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5549
x-xss-protection: 0

GET
H3 200 60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 609B 26 KB
26 KB 100ms
100ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=qHRwOQ7dtx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:13:07 GMT
x-content-type-options: nosniff
age: 29528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26568
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 06:54:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 14:13:07 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 609B 43 B
609 B 190ms
67ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251169_146045686_-0&ref=27008872_4307561_324251169_146045686_-0
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 22:25:15 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67EC 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxpIgSrP5YZOjJOvU7_UP4fmn-A8AAAAAOAHgBAI&bg=!dHeldzPNAAYZkRhwGZE7ACkAdvg8WmRRg45pPZqKuRNPe4dY8-6z9_e4rlGtU3okNivNIHiv3OWeeQIAAADKUgAAAAloAQcKAGc5YPBfk7VnEyy0jC7ZiDcGKplGtyuSB5pyJF6XqtduSFYMO2d4F6_JXs05hVt7eYSdf0Htu_OFgzqaXvUwep4SR2VQiFqtb0rxmHHtJwXlwDo35aLHgAOt5dgbbMSSj9lb6I6KnbAumQMLAcSxqw_iMzy5X8XVVy6wCvXDJ5qTwkgIibgw67hz0QR_yU0-uuHHpUYe2CXxdFmYtgN0CsGQTt8Uqrwf8bNEODtxO0Zv5tRlWT9MBWmqhkSnjwfkTTudQuxQgs5hrL39XRxBwPzKmmZCXMhlUoiQev3QcO5ROU6eyLkGFpJwanlZ-CYUhCgNaReUxYfy8OVXMZvoS2GlHdWzQJTQR8EWxdwehUnP1DIG5HePCbVFJdD2qWqvFA8wt4i1ywMHD9eywynUe61vcey3yCUDR4VK2Y_CwuDVfTrGePzNuseRXiGZ4xWeBFy8_x14pMzt-02Tw8PJNvuL_RnKRZnhEls6VvQuv61rkv_Xi0xXvXcZs3MWRLpKr9yOYY_AQ16Vg_l3OP4Jv0bn8s7w6Q8LOe4wgmGCM8JRdZUHDp7ESZbfinM84ByFuRd8BxyhX3-DdCYbLN41wM83OqymzvaGnMuKPAQRCmROqEilEWWn7hhsBlwQrwUuYJR2Z9O5ugWkXXLYUtWlu76Bleb86mTWhCuKlXME-bSmHHozpwMQ2omXyJYywMXTCBm1Lc9xHjTIZogqJykVtVguF5Eamr60g-ADMNHmxy-JkRjv0y0UDLNlKrmdtpsv4LTUpepvYWQxcgXeM_SuEyNKogVOtJ0Oa2cKLTzu20XgoKKfX_SgofpSTGpNwqTFed1zFP5OKYKrEzTFX53mEEBbl_LmiWHmcqFlTbOerIXNw_Yk4atTli9qHCgSWbwN8F39FnJW4KiUYw1eA-CIiJbXlkjsjTTjCtE93HfZPCCi9lRP7uJKLIsZEyB89hvh7s2Hqftcwt2zumVUbpKxg6w7B5PXmAcE1nvK7hMlUwTcSLdx8xBVjLhQxwNpKYYUmbHOWoRAuLfMGfih9Yu9pYbqXzW8oIuRWlEO85-BsH5RrHlXZV3z3kzOHv70Ofr89iEa_L4rTaF3awCTfoezcD6F8uO-uq9jfXZ7rXN2iG2CutksY_TJB9x67zhVin6IX_VZUtR9uK7kO_O81LSR5QbMm1VVefY

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A88D 0
23 B 97ms
97ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz0zXLW4H2r8Gz9y_JRh9N5Ro9x-Ey5WRTp-u4GuACKG88zre0fvlTODgYFo198uOW-SNWYbxT4MpZwA1y9sOwd_GDdqIrdwotVFFbNLYTrn51is8JyISJooLRjkNl9Sfsugf6eLPdUyaccehB4WmpQMdjt2evJfW4VygI4ueVx61x5yJzmJC2h1U8eT5Yst9oTIPI78-9AXns8s3oqgzdlQfRHKMJecMZMuU8N8m_op0v9u0O_UyEv6VSuDg2y04ZLOYrjocweGnp3v3Myw24hlQ8W2tQ8j31YG60J3BCR4pmlWRFtQGEd_re160HC00t0efg-9ooDijAu9lMKPtPgl29HIWWwva7j_KKyiEfyF02yOTa921h23CJqmRG8cdtE6PJaBOE9CM-MmFW9vaVuguSuSww4vBS1mFgFXMD4rIOJ0qDKmRMC1DL9eCA8NCpJT2DeA-_3j7uXHpOi6y6Gc-TxKZPXwPZRTomMUAR9Sj7sNb3gKb-EfvQwNiQW1dBB_0anA7OsvoyjTa5pyOELzChv_J-8WBmUwM0ClwBA_anbwYrCbbhoKTsL2-1cn8GSSKsBTSmP1sACGuuezxUFOcknMNJX3914SnDwLHO0CVv_eEvdhPvlEo2X-PByFoHicNmNUbrS52M-TwUBY5ngcszbFD-4n_s3zW6_F8FrA07KcCKvDPb4EfutM8vKFMVLlJOONxie9Dgx9ovbpiAVnuMXsohHZWyxzGXylqRvJcF_IsOEzSqn9ZVOmcn0xZmiWEkzgAECFjjrLJ1QJmTR3cygxUdpQq0GADgPC8b7DfjhD9oZiGDWUxrxQr5dVGi8yFpALpoNxoersU45d_7P5rfQBa8PyaD_v99KP9vZLo-PhWKgPi3bcxkc4DSkihiEXaZ0ca4nx01631QDM5ueDNsk8FigBsjRMd9Mn9uVphryZdhrVGKk3XPKH-d1veMdpkX6GajEObdG_LlNKCDsulZuXW9uiwTcOnHHbvU_3aIdBuAckgMgj6xkwa44-xxe44OFNNOGPskUbk0OyAiC9_7Wi4VDCpbZ5ZJXw68yIlvy-9FXvCA5Pg50IeHEd0rdJisdl6D46SchS7MeMM_QDnCLXpoL8BzGpvAty8sCdGKUtKzpuNeLY09JVckeaG0SaWvxaIPLtf1JX_Pt-8W3k7Hg9BAmYdCsQKC0K2mYvzJ46oVhkFkenOCGuhB7QCR6sIFYqmWzOo&sai=AMfl-YQ49W1Atm4iorfAAGBT4aM6TTKr4iIRw7PJ7W-62vHVBuaLeuUQ-GMLLoEHXTfQ2tOJ1kp12ifuMpFNuTsbihBtwHVwv3Tz2b1vM1f0i5OX0MHoaE_WBTOxnS3ucHvK_K5_evAe7WpaWiDkVg2LdbEF-mdAoQ&sig=Cg0ArKJSzJU8XT5HgMfhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=170&dett=3&cstd=64&cisv=r20220131.24168&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8183 35 KB
13 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 20:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 353067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 20:20:48 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 55F3 6 KB
2 KB 71ms
70ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:38:52 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 55F3 2 KB
1 KB 69ms
69ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:39:05 GMT

GET
H3 200 txt_flex.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 55F3 2 KB
1 KB 71ms
70ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/txt_flex.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3293ad8919d2d0564a38afe9b8a6cf876c94b041fabaeb1cfd38dd73806132b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1140
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 11:47:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:39:06 GMT

GET
H3 200 icon_plus.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 55F3 677 B
392 B 71ms
70ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/icon_plus.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c585d566dc826dd3d02e5054bab18f7d72db6e6610f11f22a9d96c5661454dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 11:45:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:39:06 GMT

GET
H3 200 txt_mit_dem_kfp.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 55F3 5 KB
2 KB 72ms
71ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/txt_mit_dem_kfp.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584f814328996ae9a655eb8b2073a86b2fd17686300372f73e031e085a15cb37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1732
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:27:05 GMT

GET
H3 200 txt_kinder_reisen_ab_99.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 55F3 4 KB
2 KB 72ms
72ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/txt_kinder_reisen_ab_99.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1415e3d06dc4f34dd36ed7a3b4ab2adfff64ead666792e8a0589bbae62e46c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1787
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:43:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:40:04 GMT

GET
H3 200 728x90_radiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 55F3 4 KB
941 B 73ms
72ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/728x90_radiant.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:23:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:34:22 GMT

GET
H3 200 728x90_gradiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 55F3 891 B
511 B 74ms
73ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/728x90_gradiant.svg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:39:50 GMT

GET
H3 200 728x90_kv.jpg
s0.2mdn.net/creatives/assets/4372121/ Frame 55F3 9 KB
9 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/728x90_kv.jpg

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5d5e8a0f24a0f889660cf30d67f447fc32072949c2036f0bc8b0386e518d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11159005284673318224/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:14:54 GMT
x-content-type-options: nosniff
age: 621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8947
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:20:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:29:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 609B 17 KB
6 KB 165ms
165ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:25:15 GMT

GET
DATA 200
OK truncated
/ Frame C43F 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A37 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU6Gwm1ZYpcrJwey13g5d9Tp6niG65iUUGwhCLxsRnwYFR7ACv8HaDXT5Z-JX9LxGLTzWnjxT7X_JuPiROQ8sM0DDl3Sh10XFdhtCb2OuX-MbR4I-Vnw&sai=AMfl-YTHPv41jPcXTHP2rl-FZR3-VjIPV2LW19aqHIgH5R9R83foebzVqdif9DQm71JohJzeuvr7KCU03DrynJXjY_ww6OA-C2qyHrlRjL_GI58vVC9XZs14nJ_nQqQ&sig=Cg0ArKJSzNj5OqPVs3CPEAE&cid=CAASEuRoVPNCr1PfZEmbW-F1Kx9zSQ&id=lidar2&mcvt=1046&p=198,315,288,1043&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4089557028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643754314203&rpt=166&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame A88D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/912962/59461375/4.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_placementId=15845895118&bidurl=https://portaldobitcoin.uol...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

130ms
60ms

Script
application/javascript

2600:9000:223f:c600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:c600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:52:00 GMT
content-encoding: gzip
age: 538396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 26 Jan 2022 16:51:51 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: TI7Wu8.c3shY9Kbc25ps.McAaw9Y1JrB
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: d3dkRQe-aHYgUmrxpoTA5L8wACxJKeL3GZwxIspPeCzCnIRiHljV0w==

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame F4A5 80 KB
21 KB 193ms
55ms Script
application/javascript 2600:9000:223f:c600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 10678605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: DgVzpNz10GouEYVaMgpyckojGhQrgDM40iwwkraqudTBJDrjmbKq6w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A88D 43 B
215 B 477ms
153ms Image
image/gif 52.201.20.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=f0101b0f-f173-5a62-80ea-27fd86b3c388&tv=%7Bc:30IXYL,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWelAK0+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1614%7C171%7C172%7C173%7C174%7C18%7C19%7C1a*.912962-59461375%7C1a1%7C1a2%7C1a3%7C1a41,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-20-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A88D 43 B
216 B 474ms
152ms Image
image/gif 52.201.20.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=f0101b0f-f173-5a62-80ea-27fd86b3c388&tv=%7Bc:30IXYN,pingTime:-6,time:57,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWelAK0+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1614%7C171%7C172%7C173%7C174%7C18%7C19%7C1a*.912962-59461375%7C1a1%7C1a2%7C1a3%7C1a41,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:portaldobitcoin.uol.com.br*&br=c
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-20-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 bridge3.496.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 870A 601 KB
195 KB 105ms
49ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26264649cc6ad0e4b3de371e128c8405cf993313cd561b7b6097654168dacba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199699
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 22:09:08 GMT
expires: Sat, 28 Jan 2023 22:09:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 28 Jan 2022 21:03:56 GMT
content-type: text/html
age: 346567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C43F 44 KB
16 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 22:25:15 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C43F 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A88D 43 B
215 B 443ms
153ms Image
image/gif 52.201.20.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=f0101b0f-f173-5a62-80ea-27fd86b3c388&tv=%7Bc:30IXZk,pingTime:-2,time:90,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:627,beZ:628,mfA:629,cmA:630,inA:630,inZ:633,prA:633,prZ:638,si:642,poA:643,poZ:659,cmZ:659,mfZ:659,loA:683,loZ:686,ltA:717,ltZ:717%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:90,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B85~0%5D,as:%5B85~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWelAK0+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1614%7C171%7C172%7C173%7C174%7C18%7C19%7C1a*.912962-59461375%7C1a1%7C1a2%7C1a3%7C1a41,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:74,readyFired:true%7D&br=c
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-20-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A537 37 KB
13 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:56:34 GMT

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 914D 35 KB
13 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 20:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 353067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 20:20:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8183 0
20 B 120ms
119ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYOZYSrP5YemqOeDV7_UPxYCl4AYAAAAAOAHgBAI&bg=!09Cl0JTNAAYZkRhwGZE7ACkAdvg8Wq10LXCbb3pM22Lba5cYAS-61pfPAga7vuRt_9DB1Jwa6ACdiwIAAAE2UgAAAAJoAQeZAyYoNve1aV4NnPHEI-aqSorN7mDNoiM1lGg3mKLuoUaOiApFhtVBTFWwqcyFtnEfVz00HFCZN5Ft4ZSNK47Gu6Ox_pzqAb3dwDjZdBHMvO13a_JN_StD92mOUZqUxN5PZGllT5GEGsRmmgmpLW4YCWwuBv6ZMvbXMofjI46dkl_HwLnMBhqbLzjN2s7_17i7ofvYAjpeIvboGHLQ1v0FcsxPHqlb_ue2QKkpGywaA90s9yR3ZtYjiUpYacdqlXdSjjPoD7-hrXB-PIC4zBntnbOXMJ0ivr7YjNpB99Gbw8pgOpkvUF5Xblo8oX0kvddbLEvsOBZ8Y8B3a8wj8zL-u4nsQciw4Kwbf-qAJO3ymj1iG2TgIlEeXcCwJPoGCFxCzguXJ_iot7R7VeHyLcWK03aqG4F7KZ7E9_3OlZxbWGkRHIumw2LVVvmAEH8GT15KLVq1XS82zuz-rWOU3ES6-Wicsnt7gQhhNBiG9sqSoYn80_9bOpMgN5GuSmptqP03SrSR0LUPZX-yOGg18hM9C9HatfQhLhoL_p8Yju0lecfcnYHpb1bQ46b6ZYoqzEeWxhDsMS2ykNmdfcdMARQybDT-cOlx9ZN-MDt9B_v0OdeatKV5TiOrE2ECL1BUoS5yEnFViLvTaJXub7r9otWbZWkSim2BL8CjEiTWRlOgD3J0EgZg64Ezl-Iw0CVcrpXyKGpgcXEimZC57TuJD4KbubPap9ScfRhfKDXshusbE93yDpwb9wRuVa_U__TKSpT3nhaXJcbtgU0RGCKVQmWFvHNDAZjlMtPM3ibcZIPtTHJwLVl74B0fMHInaxwPa2D5sLNw5A1bYh3Ikqu_s4TAiaQi8oqpii_G8uNM5LDQGbLpU-qbDT_FIKzC8V5aJy-phzBooAmW5cEwbJErjQ3ehzt9VpbgvnvOGd00lpxzlYq69nFzC4MSAMnYtesHD9HHpLsPzaphw_eVD7Sz0bA-xEcRz5aSCUHiyv4z6Mxlr-Yr4XekOqMVAHor96Z9Xv5ZIP9HIXCD2mE7eLG5lRyA6GP5pzBuPtRTwawjaeKnWfaz39htxoT0cw

Requested by

Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 870A 156 B
523 B 318ms
317ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fportal_bitcoin%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params%3Dvideoplayersize%3Dsmall%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&correlator=3424568296530928&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dportaldobitcoin%20uol%20com%20br%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26UOLID%3Ddd991084-5a0b-415f-930f-ee32a2c7e3bc&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&vpa=auto&vpmute=1&sdkv=h.3.496.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3446653794&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=3D6C8E64-9556-44F7-99F9-9EDC4943990F&nel=0&eid=44750824&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&ref=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&dt=1643754315947&scor=3508724839799682&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BF0 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSiUehe0Vr2GbyP2NHDIxzbJtotfGaSkT3Q8wmV1en_1y9HoURH7eKTOZZc4s1ui7e-ssTLSaCeLx9CBCvFbSevdsoYBMYlWEwox4n-UgbrC3UZtSwRA&sai=AMfl-YTFw_51OcXw9y_o0a_PprzKjohlKci_cAdShGj6TJLCvKiDilST1rLn9k3RiiDHoKX-9e8wJ_YZH_YkWZCXCPCkGLnV0G-qA7hnIqO_uW3FdxfYTkHBSsH6jjg&sig=Cg0ArKJSzDgYBTrNvOnxEAE&cid=CAASEuRoSXv6D12CxRbsm6YeqBraeQ&id=lidar2&mcvt=1000&p=482,1347,522,1388&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1912566433&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643754314506&rpt=264&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A88D 43 B
215 B 123ms
123ms Image
image/gif 52.201.20.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=f0101b0f-f173-5a62-80ea-27fd86b3c388&tv=%7Bc:30IY6C,pingTime:-10,time:542,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1643754315978%7C%7Cb67c7132a95f0202046fe73088040428%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cc2ce2649c0fec1da9a10713d06d15abf%7C%7C40996c4445a9d0db00ce763e0633ba08%7C%7C8357cb109bb5b8eaa16260717a8f3a75%7C%7C433f4901e366dc50ac0a7f3037b39b7a%7C%7Cc817ec64f04fd55273f06cbc1a9bb0d7%7C%7C1629390669%7D
Requested by: Host: c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
URL: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-20-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:16 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 663ms
199ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 22:25:16 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Tue, 01 Feb 2022 22:25:15 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame A0FC 213 B
849 B 14ms
14ms Document
text/html 2600:9000:2251:9e00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Tue, 05 Jan 2021 17:11:31 GMT
content-encoding: gzip
date: Tue, 01 Feb 2022 22:16:05 GMT
expires: Tue, 01 Feb 2022 22:26:05 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: eojcYnYVh3YbeRCbKID_KXMFMX0ThurEPIZjZuTVROV5yEy419Urgg==
age: 551

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame F07E 213 B
847 B 14ms
13ms Document
text/html 2600:9000:2251:9e00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: portaldobitcoin.uol.com.br
URL: https://portaldobitcoin.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Fri, 07 May 2021 13:45:52 GMT
content-encoding: gzip
date: Tue, 01 Feb 2022 22:16:05 GMT
expires: Tue, 01 Feb 2022 22:26:05 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: DckxCzJBN702JRgt283WFHnr-ViUofQ5ETmO_m959p74t30d5tW65Q==
age: 551

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 27ms
27ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220131&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e62f7ccfc8925a4fc983e1eca469858fb63cbcd6efe450dece6f625a22a8d708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 22:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9954
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 22:25:16 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame A0FC 42 KB
9 KB 18ms
17ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:19 GMT
content-encoding: gzip
age: 1197
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 5VJGmGZgI9Yxwr0fJb9wx2t6GSJCS2p7TGocpOS4fqs6En0ulPzD0w==
expires: Tue, 01 Feb 2022 23:05:19 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame F07E 42 KB
9 KB 19ms
18ms Script
application/javascript 2600:9000:2250:1600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:05:19 GMT
content-encoding: gzip
age: 1197
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: W-3JhVTEFM3kyq7i8Acx0FR_aAOJgNI83_WLbQXEkCmiY1FmYnZSHA==
expires: Tue, 01 Feb 2022 23:05:19 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A88D 43 B
215 B 113ms
112ms Image
image/gif 52.201.20.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=f0101b0f-f173-5a62-80ea-27fd86b3c388&tv=%7Bc:30IYb2,time:816,type:e,im:%7Bpci:%7Btdr:658%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:816,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B811~0%5D,as:%5B811~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:126,fm:sWelAK0+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1614%7C171%7C172%7C173%7C174%7C18%7C19%7C1a*.912962-59461375%7C1a1%7C1a2%7C1a3%7C1a41,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-20-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:16 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93D4 13 KB
5 KB 11ms
10ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 22:16:19 GMT
expires: Wed, 01 Feb 2023 22:16:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E7E0 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0821c1b6197393875482c8811f87eb25e07f0a9b4e1a65ff9ee913850081196

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UzlgoUtRMzb2A9ABSd4vmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 01 Feb 2022 22:25:16 GMT
date: Tue, 01 Feb 2022 22:25:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UzlgoUtRMzb2A9ABSd4vmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 204ms
204ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003218;ord=1643754316319
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE12 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:16 GMT
server: D3-FE12
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.558 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Tue, 01 Feb 2022 22:25:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E7E0 0
0 46ms
46ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220131&jk=2270778085280055&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 93D4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 20:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 353068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 20:20:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93D4 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HKU-BQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:25:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220131&jk=2270778085280055&bg=!JySlJGDNAAYZkRhwGZE7ACkAdvg8Wgm7DZyuex5UW27n7aHlXxxS9FmBHFq2JF7Lup_MHIRxNSt82wIAAABhUgAAAANoAQcKAEzYikmVLS93e4BHbiGyDYVr6w9OoDInH27hXhP-i_rTqc1vbkYEqD7QlaUSgZ_tunhl09cmgaTdh9jsa12hds1gDTQKRFliY_IzIt_vmQKucJouYuUWGej0l26MM4Cjh4vSxBj7SmczJBqNpp8TaFB2G-joA1fmn3YigMm_a9zawvgHLeXqWETaJSji7jPUteZa3-SjRw88OqwtCbl4b4tgoNTabYKQUbfDqoZ4dXWqVDup4jt20iH2aLgRASymbwFUt_VUZJ7W2NZgQScmxosjxZWCIUpKmFfFjzUrZlHioyUqUwNSQN3gkK_8-YnCHBi4C4JeBfVR_DESgZ1JOh2W39fKaZw7emJUCt6yKYrEZn7GsCJTNfHHAI8nNP-2Me1Tma6ZWJxN2EAltp5Eskt44eDb7EhlkKlwQlFwJfrzKKOEKQneF5sxfiWoWF1pnePOzxp9ttIwLErVKSkhGfIZ7FX8fxJnBu5jkx4sG2AtEV31UJSA9r4lHqxBghJbH7yM7086N6gu-ptvfM3wMkgNrZHt8yLtFfwuvmpZ0OeupkAHpLAyE4CoasTbIZOeY2GbPkES9AmxQMKhqxHdxJpej2A60qhPCCenHvTUIbU5qULXaunYva1pe0OxQWpPMDgQ8K3DlbfUyzZAcHPt0h0oJcbuvf3byOjlKjSiMsYuR8kyhK9I2DoaCI0e1M1i-2l9dbKAv-CSUVehGFHSSRIR1PU_J0CRCj700TMZv-8tqGMmVHFBDQRX624QECjj5KuXE5bUeFM_2h-zMfmZzoBHh4zh-8AUmF2b8OaanNQw_WFCWeQdXfDRmkLtnegcbdUHrChx2QRhh15Cx4dhBEXd2xj_Nsc31Xtv4YHE67hf_FpiANhle6ZSeXL40h1NanbF6QJavXWJg46Ir8aIH8dZ5GRUY4iX0qSIR5WbwwasKw2rhu3dMHdeDucJojis7Of1ZhTUoh1zMqt56Co0ExKuSR7EQp_OZRfCv8HFr93yHE3ZQxiTX0dL7G2Sqv4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portaldobitcoin.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 22:25:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portaldobitcoin.uol.com.br/	1970-01-20 01:19:06	Name: advanced_ads_browser_width Value: 1600
.uol.com.br/	1970-01-20 18:07:06	Name: _ga Value: GA1.3.289430633.1643754313
.uol.com.br/	1970-01-20 00:37:20	Name: _gid Value: GA1.3.601692819.1643754313
.uol.com.br/	1970-01-20 00:35:54	Name: _gat_gtag_UA_98991334_1 Value: 1
.t.tailtarget.com/	1970-01-20 09:21:30	Name: u Value: fwAAAWH5s0lzigbRQFtJAgB=
.t.tailtarget.com/	1970-01-20 00:38:47	Name: _ssc Value: y
portaldobitcoin.uol.com.br/	1970-01-20 00:35:56	Name: tt_c_vmt Value: 1643754313
portaldobitcoin.uol.com.br/	1970-01-20 00:35:56	Name: tt_c_c Value: direct
portaldobitcoin.uol.com.br/	1970-01-20 00:35:56	Name: tt_c_s Value: direct
portaldobitcoin.uol.com.br/	1970-01-20 00:35:56	Name: tt_c_m Value: direct
portaldobitcoin.uol.com.br/	1970-01-20 17:52:42	Name: _ttuu.s Value: 1643754313329
.tt-10162-1.seg.t.tailtarget.com/	1970-01-20 01:19:06	Name: trk Value: 6qh+3GbH7N22D3D9d5dmdVdciCujUruT5qr8568QRoA=
portaldobitcoin.uol.com.br/	1970-01-20 09:21:30	Name: tt.u Value: 0100007F49B3F961D1068A7302495B40
.t.tailtarget.com/	1970-01-20 01:19:06	Name: ttbprf Value: ___se_1643754313641_3644888862
.t.tailtarget.com/	1970-01-20 00:35:56	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 01:19:06	Name: ttnprf Value:
portaldobitcoin.uol.com.br/	1970-01-20 00:37:20	Name: tt.nprf Value:
.udr.uol.com.br/	1970-01-20 09:21:30	Name: UOLID Value: dd991084-5a0b-415f-930f-ee32a2c7e3bc\|0
.uol.com.br/	1970-01-20 09:57:30	Name: __gads Value: ID=64ecff70fbd112e7:T=1643754312:S=ALNI_MYP4n-D2jL_64qoq6AfK6zk9ZwA2w
.tt-10162-1.seg.t.tailtarget.com/	1970-01-20 00:35:57	Name: ttca Value: _1643754313
.scorecardresearch.com/	1970-01-20 17:52:42	Name: UID Value: 149f8d332f424c09a593c9a1643754314
.uol.com.br/	1970-01-20 00:35:54	Name: _gat_uolMain Value: 1
.t.tailtarget.com/	1970-01-20 01:19:06	Name: n Value: 1643754314
portaldobitcoin.uol.com.br/	1970-01-20 10:04:42	Name: _cb_ls Value: 1
.dynad.net/	1970-01-20 18:06:55	Name: uid Value: 012471643754314041
.adnxs.com/	1970-01-20 02:45:30	Name: uuid2 Value: 376988725579613914
portaldobitcoin.uol.com.br/	1970-01-20 10:04:42	Name: _cb Value: CSB792Bbc4Q4CLXh9T
portaldobitcoin.uol.com.br/	1970-01-20 10:04:42	Name: _chartbeat2 Value: .1643754314405.1643754314405.1.DvgCEvDQnsrxiImTKCjZhr_OCpKf.1
portaldobitcoin.uol.com.br/	1970-01-20 00:35:56	Name: _cb_svref Value: null
.casalemedia.com/	1970-01-20 02:45:30	Name: CMPS Value: 5201
.advertising.com/	1970-01-20 09:22:56	Name: APID Value: UPd3a920a3-83ad-11ec-b817-0258a5491656
.travelaudience.com/	1970-01-20 10:01:49	Name: _tracker Value: %7B%22UUID%22%3A%22D38AFF5C-EAB4-4771-895D-8B3678E12765%22%7D
.yahoo.com/	1970-01-20 09:21:51	Name: A3 Value: d=AQABBEqz-WECEEGbB-sflhpwHT2IwLNBS5MFEgEBAQEE-2EDYgAAAAAA_eMAAA&S=AQAAAmUCnYlMQxo0Y-LDcW7GVgI
.casalemedia.com/	1970-01-20 02:45:30	Name: CMPRO Value: 1120
.pubmatic.com/	1970-01-20 00:37:20	Name: KTPCACOOKIE Value: YES
.adform.net/	1970-01-20 01:16:13	Name: C Value: 1
.pubmatic.com/	1970-01-20 02:45:30	Name: KADUSERCOOKIE Value: 50191FF5-EAAD-4C63-B16C-EE9A87AB4AB5
.adform.net/	1970-01-20 02:02:18	Name: uid Value: 269271309228997075
.casalemedia.com/	1970-01-20 09:21:30	Name: CMID Value: YfmzSnCf48JsP5.p9M3WQAAA
.3lift.com/	1970-01-20 02:45:30	Name: tluid Value: 4528351941642750929490
.tribalfusion.com/	1970-01-20 02:45:30	Name: ANON_ID Value: a4nseFSZdIiiSTnMSYlNl0HoVfZaFgYg5bD8p9T9itgkognlXCIRSEpQFj8ZbYGdRAyS2JfXlRju34DYnmu7VHZc
.doubleclick.net/	1970-01-20 09:57:30	Name: IDE Value: AHWqTUkBuBihCT8PCxWdh4cbrB73sZ_PTl1SDrF6pti0WJzVQKY4Iw5I8GOquXrZ3WQ
.casalemedia.com/	1970-01-20 00:37:20	Name: CMST Value: YfmzSmH5s0sA
.w55c.net/	1970-01-20 10:01:49	Name: wfivefivec Value: WpXfAVh51Nf1An5
.turn.com/	1970-01-20 04:55:06	Name: uid Value: 4202614498200534503
.adnxs.com/	1970-01-20 02:45:30	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%wr.Q4x!]tco8i_iqf!oN/@E'zz<*Z0Q5y/S/C]pe><(-5?S+l=l<.V278^qx`hcxl=<QG=%9sk@3@'s>T1Zbce
.w55c.net/	1970-01-20 01:19:06	Name: matchgoogle Value: 5
.casalemedia.com/	1970-01-20 09:21:30	Name: CMRUM3 Value: 2d61f9b34b2760CAESEHDIC3J0qggviWRIayFImxE
.analytics.yahoo.com/	1970-01-20 09:22:56	Name: IDSYNC Value: "18wq~22zy:18yx~22zy"
.o2online.de/	1970-01-20 00:45:59	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251169_146045686_-0&ref=27008872_4307561_324251169_146045686_-0
.everesttech.net/	1970-01-20 09:21:30	Name: everest_g_v2 Value: g_surferid~YfmzSwADCGyKmgBB
.1rx.io/	1970-01-20 09:21:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1cf83c93-83ee-4c89-9b51-52d797ad4c75-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 09:21:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1cf83c93-83ee-4c89-9b51-52d797ad4c75-003%22%7D
.uol.com.br/	1970-01-23 16:14:47	Name: BTCTL Value: 75
.bt.uol.com.br/	1970-01-23 16:14:47	Name: BTTRK Value: 75691d23cc624faeb41606a959d85e97\|202500010222

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124525914303576&output=html&adk=1812271804&adf=3025194257&lmt=1643754312&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportaldobitcoin.uol.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643754312872&bpp=3&bdt=790&idt=70&shv=r20220131&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3870943842260&frm=20&pv=2&ga_vid=289430633.1643754313&ga_sid=1643754313&ga_hid=1739137194&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064528&oid=2&pvsid=2270778085280055&pem=426&tmod=1831328892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://s0.2mdn.net/sadbundle/17958001102165811819/index.html Message: <link rel=preload> has an invalid `href` value
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfmzSiY0SBAHURrTHgGynwAABGAAAAIB&google_gid=CAESEAWH18HL5B1WcyxJguBLW0w&google_cver=1&google_push=AYg5qPL8SWl6pJK1zLvBV1hX-_piiUy9pXtmRUn3tR3YAzQxLmqQDC_L6cQIzycrcaBmvqu1RifyuPoKVKhXnE51P5-y3UWDJXRS Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://portaldobitcoin.uol.com.br/ Message: The resource https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.eot?2017 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://portaldobitcoin.uol.com.br/ Message: The resource https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.eot?v5 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
b.t.tailtarget.com
c1.adform.net
c4a33cdc48d40d292811abe351f3a90a.safeframe.googlesyndication.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
imguol.com
jsuol.com.br
m.t.tailtarget.com
mab.chartbeat.com
match.adsrvr.org
me.jsuol.com.br
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
portaldobitcoin.com
portaldobitcoin.uol.com.br
pubads.g.doubleclick.net
r.turn.com
s.ad.smaato.net
s.dynad.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
stc.uol.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
t.dynad.net
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
udr.uol.com.br
upc.udr.uol.com.br
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
13.32.121.72
142.250.185.226
142.250.185.98
142.250.186.130
15.197.193.217
151.101.194.49
18.156.0.31
18.157.231.140
18.66.97.94
185.33.221.13
198.47.127.19
2.20.85.164
200.147.4.47
2001:678:cb4:bbbb::11
213.19.147.44
23.22.200.199
2600:9000:223c:1a00:18:1fcd:34f:cdc1
2600:9000:223d:c400:d:bb6e:2980:93a1
2600:9000:223f:1400:1b:5138:8a40:93a1
2600:9000:223f:c600:8:48e:53c0:93a1
2600:9000:2250:1600:6:9eb2:5cc0:93a1
2600:9000:2251:9e00:6:5b96:3f00:93a1
2600:9000:236e:ae00:1:bcff:6780:93a1
2606:4700:3036::6815:163e
2606:4700::6812:c05
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3101:401:ffff:ffff:ffff:52
2804:49c:3102:405:ffff:ffff:ffff:7
2804:49c:3403:2676:ffff:ffff:ffff:6
2804:49c:4208:405:ffff:ffff:ffff:3
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c1b::9b
2a04:4e42:200::714
3.127.158.112
34.102.185.99
35.190.0.66
37.157.2.236
52.201.20.189
54.171.208.149
66.155.71.150
69.173.144.165
76.223.111.18
82.113.101.132
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
05aea1379cfa4a7d231302207ed1d524743d7d165093eae37eb88d53769ff9c0
07f49ecd1dc4f24b57a7c57537a93898779ac1a8d18c9d09e66677883cce6fae
082b5c8aba12bad9bdc505f065c752d9e1f5cecd20fdfc71fb216c3d5c1183d6
0a4d3e7c518e0771ed59584e8621048d529d18bac487045f0c4bbe8da1822bd2
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c585d566dc826dd3d02e5054bab18f7d72db6e6610f11f22a9d96c5661454dc
0cd10f44f0ec3e2739d4f3877e3353ebb7b3ff08028bde7ab3d21f57b39d9dfe
12523501996e31c888ba97e221f91e2033222e7e7c7a21e1e755133f45646c7a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1351b8e0d48b23b501977d5e5f33985307bcb42234c1936477aac36486e8b461
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1a920ff6636346b8d6d4d874b1063ad90ada93f75df9dd435b026108096c052f
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1ae8bbb7baf2bcf96f7e2cf9a63b11603ce80e344d19425d4f93241a95fee40e
1c3e0290a22342caca438ac21066b7dfb363860cd0a3a6c2bb23fae4f6a22583
1d142a7f3250bd1191cf1fdf539fc87c89b47ae3cadcebb65252c9a1b0abdab2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
1f9a420d5ee2aac604f4a89e935a225d1bb2ea94837bd96bd84b9186dfbae792
220d9ee76aa547f9a0555829cd88b5aea75ec009aaa09ddba5d912918c9101c5
22e62f07c3d37c4e0b8f717bda7ac0c60362fb80380c9f6def693dd4f9b4567c
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2490dca056df88c5fa2b7d13f670ea9ec6da600d14641e058e59ab9ec72cb43b
26264649cc6ad0e4b3de371e128c8405cf993313cd561b7b6097654168dacba4
264a9f68bc3265a6194508c165442f355ca9caca4c5a8b0d5316bd671a3fa98d
2848591265cd302bdf0cd607052a2369de434f65f17d70db6c62645f737b5df1
28c48173a3d22a330c9be901a0d58053bea418e04957197f1e3fb2784da355dc
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
28f8b1498341b0901f5d9670a32c696733d9d7c1dee89d5d872004a4767a79ff
2a1e278d7fc082b3bf0de39e47f2ddacf260ae25c2af933c1e50de5c0f1e5899
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08
2ef7215476637d3fb3a62a1bd803c0c332385673edcf03d138bfaad922b686ef
2fb7f5739c9d862a22dec28c181d2218487ab202b7729a88462139ae4873da91
30a2d58e5bc99ec6b7e4922f95da03b885b1273f0fd9d5a4fd8dc747780bc83f
312d863dabb6b960a2ca9b26826807c46b5330b1632b571c3f14f9243cc3f1f0
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3881df512f8c292238a6ce58f703dba1e7cf3914e0281b02d5d951bd5696598f
39ef04fe42bfd7cc873ba06dd25243617a76755e49ba73599905434a74b02fce
3a3495f9b6eecc87d4806359ca818194adf6784c4b1b01c9b27db703aa841468
3af14eb5abf9650deec9b50f619bd457a8bf949953bcf5d1b93ece38828c8570
3d265cfe07f060823c71a7ef1f9431b4771e201764aa0ceac82f67a8ce930a2d
3d34e266cff7daf684b00f9b416ed963117deae77d3ce5c784660c54ddf3e638
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0
3f954557bda3136a6f1837cb768a66dbd911dc502641417f51c49b2142e41f80
3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae
406095ed0a9d3c88602e22c53d877053de68f8bb1c8278dcf809773fd0eccbd8
409066a1dd514dfffa9f6492c3c0ef37d49d5ea49b86270c1fbe8d31fb29e7df
42d0ebce89d443f8ce5dac28e833b411863ce56bb1a6f21a3c88613a3ae0e1c3
450047a0f4712cab19f1c2563ee80af7efb6b76dc482ad5795a29c83663254a3
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4686dc7c34b149b626ab16806d01e0f22395a6152914958516887c67ceb6ed2f
474f7459231bfb540c70dc42c04766bddc36c1b395846cce58b235940f5149bd
478e9400d4daee656ea306f2d9e1a52e8b79ec2dce734a69104cbc12238afb1d
48012b05667d29c055974d8e07dae05da00777f1872969def6314111f8128d69
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49103470dfd331d2704151ad74c2a81cfac66820a989e59f3391b86627622434
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
49ea0b5132d871b994e37f74e8a372306457ff6793ad457875495b8cd0319e3d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d9c73df8620d65afdfae662bb0ccb6732673273a25727e1b8d5690dfa060cd3
4dcdd6d10dad35b491a5e61ea71b75dbff8f7ff0446771c9ce29d99fb24a5501
4ea34c1d36b23fb7bf4e0931d297210e14050e7f34ae38a7b2d49379681c24b3
4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c
4f13719c7f32f47fbb930cda3f0e8d46238693e82c97bfcea5779f2da06258ca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf
525fd51ee4a3748ef5b0db4137535e93095cdc0a8890b376e2dcd92051af019a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
5706ba2c54d9646655168aa1e2750a25fa9b606e65232eb77323d706fe5a030a
5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c
584f814328996ae9a655eb8b2073a86b2fd17686300372f73e031e085a15cb37
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cb834c20a13b0051afad7ca7b33e5f1f48c0596431f5d31d47135659ee769d8
5f03fe09e4bd67576cab21756ac8437d4c768cb213534290a8f795dee45a8497
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62153f07b8c253ba34daaec5606127c97cd20b6ab96c44f86deef696adc2026c
635d071ae31125c5e23d93a86781ac0fddd0a23ea1aea928a1d45384b6f1e536
6410ce750d01ceff4d65ec282babbed0c97e981737229bd8a3bd2e4d7154da2d
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6823285eb46b5b3f5c60cedb96d66a4d18bdc335096705d9f9c72aa681ddab5a
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6a94dd7a301221c391c6319c63f7f47de0731a74d3b5a83f2630243d039d8d6a
70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549
7100e445fb5d6e14d41fac6de8e369246ad621dfe8473cabbdb9ce535c14e4a6
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
7b4ea36b6e77fdee793a889c04714fa519640339f7df11f2258780a400769ccf
7b721ad5a520ac92408e22a65991fb6d2e6d4fe6c4b443b3f65b778a4726c01b
7d6bca6128f1667bfba242d961e67a8f03575275a8b41fdd5fecd105cba06adf
7d94df92f8f4fa03f69f6c0c743c7548b5dbb361a8277c44f4761d72f7c33325
7e2f04029abafb1d17957d7301479ebd6627314236cf3b7800592f1d6c34c501
80aaf8f87007d51ed26c959e07b74357f73f280e7a4f17869a92fd1c73bdd2db
81adb16c8bb35872dda383ce3a44a4c88acab45aeebd14352ae9fee24582651b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d56754fb658ec50906e682d45d01ec010e2f77d7da69fcc56a85ab276de39b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
88b297909ac525c046a6a2e7942f2c19283fa3f8b64e114a3dc3da211399afca
8b19a61a5d1cd4295bb8c4641af8e0980c1e13b30716a0d7c329455d27e26e82
8b89cf78a666983a961940e155386b7cbe0f104ded9139a509af316ad266db7e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4db8387015ff9cd69562542ad02e294fd0ee2caa394c7d79b6a7af2cd0a7b7
8f91525bdc6d74bb66a55f1cb8e082cfcbf7db12486a6ce7ab5bedbff5c87d72
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
94f2d40ce4f18b3b77bc513987e1154b6b9238ededecd1a794717b07b4ef6363
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28fedbbe7acb13a8f3a832de7e1daa1d72963ae0b5766cc2281459f737f343e
a380b22eb284e42a920b51c0154138674af944f4f9a6df3550dad00767363c5f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a60ee0defcf22ff93634f94b57e6e8f96511993a866686d79118f740adabfbc3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a750faf879f5317826ed7a5bc0f0c2e773176ceaaf0e2dd519a126590d10e77a
a846c83b4020af0dbf31b1feb5368bdd0ee8ba5967c00daa34d8ce72161e9db5
a956d4dd829b20fe09cf8a065057bc9d3134e7dd91234d1073f653efd3bece20
a9d0c7386619ee9332d28a857852f6a36124d7ec75f10fef15d317535242c9b6
ab5d5e8a0f24a0f889660cf30d67f447fc32072949c2036f0bc8b0386e518d4b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b553cb7bbf360cbbe9aa5e62af7fe288a034b0781127c9d3c461142ab5f3ee77
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b789b1da352bba94946ddfe7f898daea8622b3b9e59cbdfd51cfd9a242ff938d
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bd3871c5dc9d47fd4a3376b505550129eed1ef2bfc201b9b87fb374aed7737d5
bde8ee7a5dafcd582aac127e0b48ffc72447e257e2752d49a2705afde999a576
c0a94ae2db0dd23a51408c7f95b5ee7b4832fb1d2df99eb33c1d09792ed8c472
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1e6bef1d9df884fc7be3b76178b6e71259de882a5026d4c5c2e1064db168770
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2fa1582ffa0e2eb5a7513667bbaa63f5f29031f37760dea9a5c43b6789c677f
c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee
c72b689cf8fbb9638185c4cb5d1904cd502170ba35a3966ff61a6f8126d4de8d
c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c94d6e372e040ee6aadb4ef8311b3938c5cd662cbee5cfcc22621ce1696b4c05
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2d1f99c618b5769b7217e3f192c3cbbc9f78094ebd173250bf8b33675147d51
d4bc3ba9aec293219630e2a007c7091bad483ceb74779ace8c2c525732cd0985
d8ad87d4c2f7226f852006316f3b072273bc35d2ab75a16c0e42c397c4907e66
da735d3199614d9ffe125c63cf2de104ff5938f5e906051b098483a902906193
dd7f250339a21ad330bb49e9eb293a87a092c0a7cc593866e8c5ac1b6e72f7e2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e116db0857de44aa82eda62548191830e06ee9ea84d8af971f45a197bd05c243
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e313a2ab2e82f6944956fbaea510bf0047c6e3ca8a69b67a333bcd4f7b818166
e3293ad8919d2d0564a38afe9b8a6cf876c94b041fabaeb1cfd38dd73806132b
e355c038be97b5f05a5d8736278b89931ab827c62389b1c37fb6e85c1d52dd45
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e62f7ccfc8925a4fc983e1eca469858fb63cbcd6efe450dece6f625a22a8d708
e645aa1499532236c890f328050813c6ae0129adec27552918a58e0a62b12f57
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
ea79220df5a0d40e93423c97ad9c6de0cc48cc6524c69d52d82b8f28baf629c6
eb9c3e25002c15649cf0f61381158425d5cb8e76d13d6d54859c7e63866a3e01
ec7381300dff18f502aff136f708b906a011921c25b53a9b1a6dbb447cbee2de
edc2f59d05d2fffed23091cc693e42114fbed342a794283c715f85524fb4e79c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6bc941d7d6a3d66292a506378c7c6e2e765a15280fa7e56cbd02a8e17079ac
f0821c1b6197393875482c8811f87eb25e07f0a9b4e1a65ff9ee913850081196
f1415e3d06dc4f34dd36ed7a3b4ab2adfff64ead666792e8a0589bbae62e46c9
f153f40f822d39380a481c6873c18795229a865e35d14d0aa94c0afbbc5b167d
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
f1efe7ade86d518b386d775f80991a542daa43b7ba7359579adb8968c0738b90
f2c5f4877388d7874aa3dc8972e9917cb566e9a4de4de63c1473462a6811bf97
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f534e664d4e466f0c530d4dfbe4fc5803dc9473d7886848faa4d1fd392cda453
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
fb7d63e9133e595daf4f3c497119716e275f35bd5fa388802d69da5de9a34813
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
ff52e77e92ebac2ac40d34ba22d46a973f17759427f09c374b55e1e1c0bc954d

portaldobitcoin.uol.com.br Open in urlscan Pro 200.147.4.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

304 Requests

89 %HTTPS

56 %IPv6

41 Domains

66 Subdomains

47 IPs

9 Countries

3807 kBTransfer

9167 kBSize

55 Cookies

14 Outgoing links

Page URL History

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portaldobitcoin.uol.com.br Open in urlscan Pro
200.147.4.47 Public Scan

Screenshot
Live screenshot

Full Image

304
Requests

89 %
HTTPS

56 %
IPv6

41
Domains

66
Subdomains

47
IPs

9
Countries

3807 kB
Transfer

9167 kB
Size

55
Cookies

304 HTTP transactions
7 data transactions